I have observed the every-few-hours creation of files in the C:\Windows\Temp folder of both my sister and brother-in-law's Win7 Pro x64 machines (Lenovo M93p both), which are on the same LAN in their house. They eventually consume all available free space on C, and other programs needing space then fail.
I have to delete the contents of C:\Windows\Temp to get things back to normal, but the process simply restarts and a day or two later the C partition is once again fully consumed with these file. And weirdly this is happening on both machines (which of course are essentially set up identically, both with MSE and MBAM installed).
We're talking about file names starting with CAB, created as shown in the following screenshot (sorted into reverse chronological sequence, newest first):
I have a hunch these are somehow related to either Microsoft Security Essentials (and perhaps downloading of virus definition files? or log files??) or Malwarebytes Anti-Malware.
There are also two LOG files stored in the same C:\Windows\Temp folder, and I believe these are very relevant to explaining the mystery. I will post these two log files as "code".
(a) MpCmdRun.log
(b) MpSigStub.log
The real questions are:
(a) where are they coming from and why?
(b) why aren't they being deleted once used?
I have run FULL scans using both MSE and MBAM, and both machines get a clean bill of health. I suspect it is the MSE and MBAM products themselves which are generating these CAB files.
Any ideas?
I have to delete the contents of C:\Windows\Temp to get things back to normal, but the process simply restarts and a day or two later the C partition is once again fully consumed with these file. And weirdly this is happening on both machines (which of course are essentially set up identically, both with MSE and MBAM installed).
We're talking about file names starting with CAB, created as shown in the following screenshot (sorted into reverse chronological sequence, newest first):
I have a hunch these are somehow related to either Microsoft Security Essentials (and perhaps downloading of virus definition files? or log files??) or Malwarebytes Anti-Malware.
There are also two LOG files stored in the same C:\Windows\Temp folder, and I believe these are very relevant to explaining the mystery. I will post these two log files as "code".
(a) MpCmdRun.log
Code:
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Wed Nov 09 2016 22:51:56
Run as Network Service
MpCmdRun: End Time: Wed Nov 09 2016 22:51:56
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Wed Nov 09 2016 22:51:56
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Download Started...
Time Info - Wed Nov 09 2016 22:52:12 Download Progress-
Update Index:0 of 1 - 0%
Download Progress-
Update Index:0 of 1 - 100%
Download Progress-
Update Index:0 of 1 - 100%
Download Completed
Download Completed
Installation Started...
Time Info - Wed Nov 09 2016 22:52:43 Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Completed
Update completed succesfully
End: Signatures Update Service
MpCmdRun: End Time: Wed Nov 09 2016 22:52:43
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Thu Nov 10 2016 00:51:55
Run as Network Service
MpCmdRun: End Time: Thu Nov 10 2016 00:51:55
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Thu Nov 10 2016 00:51:55
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Download Started...
Time Info - Thu Nov 10 2016 00:52:10 Download Progress-
Update Index:0 of 1 - 0%
Download Progress-
Update Index:0 of 1 - 100%
Download Progress-
Update Index:0 of 1 - 100%
Download Completed
Download Completed
Installation Started...
Time Info - Thu Nov 10 2016 00:52:41 Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Completed
Update completed succesfully
End: Signatures Update Service
MpCmdRun: End Time: Thu Nov 10 2016 00:52:41
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Thu Nov 10 2016 02:51:55
Run as Network Service
MpCmdRun: End Time: Thu Nov 10 2016 02:51:55
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Thu Nov 10 2016 02:51:55
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Update completed succesfully. no updates needed
End: Signatures Update Service
MpCmdRun: End Time: Thu Nov 10 2016 02:51:57
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Thu Nov 10 2016 04:51:55
Run as Network Service
MpCmdRun: End Time: Thu Nov 10 2016 04:51:55
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Thu Nov 10 2016 04:51:55
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Download Started...
Time Info - Thu Nov 10 2016 04:52:12 Download Progress-
Update Index:0 of 1 - 0%
Download Progress-
Update Index:0 of 1 - 100%
Download Progress-
Update Index:0 of 1 - 100%
Download Completed
Download Completed
Installation Started...
Time Info - Thu Nov 10 2016 04:52:53 Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Completed
Update completed succesfully
End: Signatures Update Service
MpCmdRun: End Time: Thu Nov 10 2016 04:52:53
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Thu Nov 10 2016 06:51:55
Run as Network Service
MpCmdRun: End Time: Thu Nov 10 2016 06:51:55
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Thu Nov 10 2016 06:51:55
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Update completed succesfully. no updates needed
End: Signatures Update Service
MpCmdRun: End Time: Thu Nov 10 2016 06:51:58
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Thu Nov 10 2016 08:51:55
Run as Network Service
MpCmdRun: End Time: Thu Nov 10 2016 08:51:55
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Thu Nov 10 2016 08:51:55
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Download Started...
Time Info - Thu Nov 10 2016 08:52:11 Download Progress-
Update Index:0 of 1 - 0%
Download Progress-
Update Index:0 of 1 - 100%
Download Progress-
Update Index:0 of 1 - 100%
Download Completed
Download Completed
Installation Started...
Time Info - Thu Nov 10 2016 08:52:41 Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Progress-
Percent Complete:100,
Current Update Index:0 (of 1)
Installation Completed
Update completed succesfully
End: Signatures Update Service
MpCmdRun: End Time: Thu Nov 10 2016 08:52:41
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignatureUpdate -ScheduleJob -ISU -RestrictPrivileges
Start Time: Thu Nov 10 2016 10:51:55
Run as Network Service
MpCmdRun: End Time: Thu Nov 10 2016 10:51:55
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
MpCmdRun: Command Line: "C:\Program Files\Microsoft Security Client\\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
Start Time: Thu Nov 10 2016 10:51:55
Start: Signatures Update Service
Update Started
Search Started (MU/WU update) (Path: http://www.microsoft.com)...
Search Completed
Update completed succesfully. no updates needed
End: Signatures Update Service
MpCmdRun: End Time: Thu Nov 10 2016 10:52:02
-------------------------------------------------------------------------------------
(b) MpSigStub.log
Code:
----------------------------------------------------------------------------------
Command: MpSigStub.exe /program ANTIMALWARE /q
Running as administrator: yes
Start time: 11/9/2016 10:52 PM (version 1.1.13251.0)
=================================== ProductSearch ==================================
Microsoft Security Essentials:
Status: Active
Product: 4.10.205.0
Engine: 1.1.13202.0
Signatures: 1.231.1595.0
NIS Engine: 2.1.12706.0
NIS Signatures: 116.65.0.0
================================ PackageDiscovery ================================
Package files discovered:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1595.0_TO_1.231.1613.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1595.0_TO_1.231.1613.0_MPAVDLTA.VDM._P (?.?.?.?)
AM BDD:
Engine: Not included
AS base VDM: Not included
AV base VDM: Not included
AS delta VDM: 1.231.1613.0
AV delta VDM: 1.231.1613.0
================================ PatchApplication ================================
Patched mpasdlta.vdm to 1.231.1613.0
Patched mpavdlta.vdm to 1.231.1613.0
================================= MpUpdateEngine =================================
Package files for the engine update:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1595.0_TO_1.231.1613.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1595.0_TO_1.231.1613.0_MPAVDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpasdlta.vdm (1.231.1613.0)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpavdlta.vdm (1.231.1613.0)
Updated from C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs (0x0)
================================= ValidateUpdate =================================
MpSigStub successfully updated Microsoft Security Essentials using the AM BDD package.
Original: Updated to:
AS delta VDM: 1.231.1595.0 1.231.1613.0
AV delta VDM: 1.231.1595.0 1.231.1613.0
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1595.0_TO_1.231.1613.0_MPASDLTA.VDM._P
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1595.0_TO_1.231.1613.0_MPAVDLTA.VDM._P
End time: 11/9/2016 10:52 PM
----------------------------------------------------------------------------------
----------------------------------------------------------------------------------
Command: MpSigStub.exe /program ANTIMALWARE /q
Running as administrator: yes
Start time: 11/10/2016 12:52 AM (version 1.1.13251.0)
=================================== ProductSearch ==================================
Microsoft Security Essentials:
Status: Active
Product: 4.10.205.0
Engine: 1.1.13202.0
Signatures: 1.231.1613.0
NIS Engine: 2.1.12706.0
NIS Signatures: 116.65.0.0
================================ PackageDiscovery ================================
Package files discovered:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1613.0_TO_1.231.1619.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1613.0_TO_1.231.1619.0_MPAVDLTA.VDM._P (?.?.?.?)
AM BDD:
Engine: Not included
AS base VDM: Not included
AV base VDM: Not included
AS delta VDM: 1.231.1619.0
AV delta VDM: 1.231.1619.0
================================ PatchApplication ================================
Patched mpasdlta.vdm to 1.231.1619.0
Patched mpavdlta.vdm to 1.231.1619.0
================================= MpUpdateEngine =================================
Package files for the engine update:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1613.0_TO_1.231.1619.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1613.0_TO_1.231.1619.0_MPAVDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpasdlta.vdm (1.231.1619.0)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpavdlta.vdm (1.231.1619.0)
Updated from C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs (0x0)
================================= ValidateUpdate =================================
MpSigStub successfully updated Microsoft Security Essentials using the AM BDD package.
Original: Updated to:
AS delta VDM: 1.231.1613.0 1.231.1619.0
AV delta VDM: 1.231.1613.0 1.231.1619.0
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1613.0_TO_1.231.1619.0_MPASDLTA.VDM._P
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1613.0_TO_1.231.1619.0_MPAVDLTA.VDM._P
End time: 11/10/2016 12:52 AM
----------------------------------------------------------------------------------
----------------------------------------------------------------------------------
Command: MpSigStub.exe /program ANTIMALWARE /q
Running as administrator: yes
Start time: 11/10/2016 4:52 AM (version 1.1.13251.0)
=================================== ProductSearch ==================================
Microsoft Security Essentials:
Status: Active
Product: 4.10.205.0
Engine: 1.1.13202.0
Signatures: 1.231.1619.0
NIS Engine: 2.1.12706.0
NIS Signatures: 116.65.0.0
================================ PackageDiscovery ================================
Package files discovered:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1619.0_TO_1.231.1629.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1619.0_TO_1.231.1629.0_MPAVDLTA.VDM._P (?.?.?.?)
AM BDD:
Engine: Not included
AS base VDM: Not included
AV base VDM: Not included
AS delta VDM: 1.231.1629.0
AV delta VDM: 1.231.1629.0
================================ PatchApplication ================================
Patched mpasdlta.vdm to 1.231.1629.0
Patched mpavdlta.vdm to 1.231.1629.0
================================= MpUpdateEngine =================================
Package files for the engine update:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1619.0_TO_1.231.1629.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1619.0_TO_1.231.1629.0_MPAVDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpasdlta.vdm (1.231.1629.0)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpavdlta.vdm (1.231.1629.0)
Updated from C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs (0x0)
================================= ValidateUpdate =================================
MpSigStub successfully updated Microsoft Security Essentials using the AM BDD package.
Original: Updated to:
AS delta VDM: 1.231.1619.0 1.231.1629.0
AV delta VDM: 1.231.1619.0 1.231.1629.0
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1619.0_TO_1.231.1629.0_MPASDLTA.VDM._P
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1619.0_TO_1.231.1629.0_MPAVDLTA.VDM._P
End time: 11/10/2016 4:52 AM
----------------------------------------------------------------------------------
----------------------------------------------------------------------------------
Command: MpSigStub.exe /program ANTIMALWARE /q
Running as administrator: yes
Start time: 11/10/2016 8:52 AM (version 1.1.13251.0)
=================================== ProductSearch ==================================
Microsoft Security Essentials:
Status: Active
Product: 4.10.205.0
Engine: 1.1.13202.0
Signatures: 1.231.1629.0
NIS Engine: 2.1.12706.0
NIS Signatures: 116.65.0.0
================================ PackageDiscovery ================================
Package files discovered:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1629.0_TO_1.231.1641.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1629.0_TO_1.231.1641.0_MPAVDLTA.VDM._P (?.?.?.?)
AM BDD:
Engine: Not included
AS base VDM: Not included
AV base VDM: Not included
AS delta VDM: 1.231.1641.0
AV delta VDM: 1.231.1641.0
================================ PatchApplication ================================
Patched mpasdlta.vdm to 1.231.1641.0
Patched mpavdlta.vdm to 1.231.1641.0
================================= MpUpdateEngine =================================
Package files for the engine update:
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1629.0_TO_1.231.1641.0_MPASDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1629.0_TO_1.231.1641.0_MPAVDLTA.VDM._P (?.?.?.?)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpasdlta.vdm (1.231.1641.0)
C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\mpavdlta.vdm (1.231.1641.0)
Updated from C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs (0x0)
================================= ValidateUpdate =================================
MpSigStub successfully updated Microsoft Security Essentials using the AM BDD package.
Original: Updated to:
AS delta VDM: 1.231.1629.0 1.231.1641.0
AV delta VDM: 1.231.1629.0 1.231.1641.0
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1629.0_TO_1.231.1641.0_MPASDLTA.VDM._P
Deleted C:\Windows\Temp\DBC2B160BA060F34BB15029FC66C52FB-Sigs\1.231.1629.0_TO_1.231.1641.0_MPAVDLTA.VDM._P
End time: 11/10/2016 8:52 AM
----------------------------------------------------------------------------------
The real questions are:
(a) where are they coming from and why?
(b) why aren't they being deleted once used?
I have run FULL scans using both MSE and MBAM, and both machines get a clean bill of health. I suspect it is the MSE and MBAM products themselves which are generating these CAB files.
Any ideas?
My Computer
At a glance
Windows 7 Pro x64 (1), Win7 Pro X64 (2)i5-3350p 3.1Ghz/6MB-cache (1); E8400 3.0Ghz/6...8GB PC3-12800 DDR3 (1); 4GB PC3-10600 DDR3 (2)ATI HD7750 (1), (see TV cards); ATI R7 250 (2)
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Home-built, two systems (1) and (2)
- OS
- Windows 7 Pro x64 (1), Win7 Pro X64 (2)
- CPU
- i5-3350p 3.1Ghz/6MB-cache (1); E8400 3.0Ghz/6MB-cache (2)
- Motherboard
- ASUS P8Z77-V Pro (1); ASUS P5Q3 (2)
- Memory
- 8GB PC3-12800 DDR3 (1); 4GB PC3-10600 DDR3 (2)
- Graphics Card(s)
- ATI HD7750 (1), (see TV cards); ATI R7 250 (2)
- Sound Card
- Realtek ALC892 HD Audio (1); Realtek ALC1200 HD Audio (2)
- Monitor(s) Displays
- Eizo HD2441W LCD, Eizo S2433W (1); Eizo 24" S2433W (2)
- Screen Resolution
- 1920x1200, 1920x1200 (1); 1920x1200 (2)
- Hard Drives
- (1) 1TB SATA-II (7200RPM), 2x2TB SATA-III (7200RPM), 250GB SATA-III (10000RPM) for OS; 2x2TB external USB 3.0
(2) 320GB SATA-II (7200RPM), 750GB SATA-II (7200RPM), 150GB SATA-II (10000RPM) for OS; 2TB external USB 3.0
- PSU
- Nesteq ECS-6001 600W (1); Nesteq ECS-5001 500W (2)
- Case
- Acousti-Case 360 (1) and (2)
- Cooling
- Noctua NH-U12P SE2 for CPU, 2x120mm case fans (1) and (2)
- Keyboard
- IBM PS/2 (1) and (2)
- Mouse
- Logitech MX Revolution wireless (1); Microsoft wired (2)
- Internet Speed
- 100mbps down / 10mbps up
- Antivirus
- Microsoft Security Essentials; Malwarebyte Anti-Malware Pro
- Browser
- Firefox
- Other Info
- Ceton InfiniTV 4-tuner cablecard-enabled TV card as well as Hauppauge HVR-2250 OTA/ATSC 2-tuner TV card in (1), running under Win7 WMC