Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Antivirus 2012 has found critical process activity on your PC


  • Please log in to reply
34 replies to this topic

#1 DGREW

DGREW

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 14 June 2012 - 04:59 PM

Using Windows 7,

I had several "hijacks" to a site showing a warning "Windows Antivirus 2012 has found critical process activity on your PC". I managed to get off the site however I began looking through bleepingcomputer.COM. Then, suddenly could not connect to bleepingcomputer.COM and got the following message - "The device or resource (www.bleepingcomputer.com) is not set up to accept connections on port “The World Wide Web service (HTTP)”. This was the only site that I could not connect to - that I could determine.

That made me nervous. I scanned with Malwarebytes and got the following results:
Folders Detected: 1
C:\Users\DRP\AppData\Roaming\SystemProc (Trojan.Agent) -> Quarantined and deleted successfully.

Files Detected: 2
C:\Users\DRP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft.exe (Trojan.Dialer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Tasks\sqlservr.exe (Trojan.Dialer.Gen) -> Quarantined and deleted successfully.

Everything operated after that - BUT - I still could not connect to Bleepingcomputer. I looked through recent programs added and noticed one that I did not recognize, which appeared around the time of my problems - so I removed it. Good news is that I can now connect to you guys - bad news is I did not take a picture of the program - I think it was called EDB something - but I'm not sure.

I would like to insure that there isn't anything else hiding in there.

DRP

Edited by DGREW, 14 June 2012 - 06:22 PM.


BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 16 June 2012 - 08:27 AM

Hello,

I will be helping you with your problems

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download Rkill by Grinler and save it to your desktop.

Link 1
Link 2

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.

If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


Step 2

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

NOTE: If asked to restart the computer, please do so. You may need to run rkill again - if so please also post the log for this run of rkill

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Step 3

How is your computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 16 June 2012 - 01:38 PM

dev00790,

I downloaded rkill #1 and ran it and it appeared to operate OK but I received the following log:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 06/16/2012 at 8:07:24.
Operating System: Windows 7 Professional


Processes terminated by Rkill or while it was running:

C:\Windows\sysWow64\SearchProtocolHost.exe


Rkill completed on 06/16/2012 at 8:08:58.

*********************************************

Because it said that it was "terminated" I wasn't sure if it was succesful.
Then I downloaded & ran rkill #2 and received the following:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 06/16/2012 at 8:18:41.
Operating System: Windows 7 Professional


Processes terminated by Rkill or while it was running:

C:\Users\DRP\Desktop\WINWORD.EXE
C:\Users\DRP\Desktop\OUTLOOK.EXE


Rkill completed on 06/16/2012 at 8:20:15.
***********************************

Again not sure if it's succesful. I am currently scanning with Malwarebytes. Did the rkill run OK - do I need to keep running it before I scan with Malwarebytes?

If I do not hear from you - I will post the results of the scan.

BTW - I scanned with malwarebytes last night with no deteced items. My computer "appears to be operating OK.

Regards,
DRP

#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 16 June 2012 - 03:10 PM

Hi

Your doing fine :)

Now do step 2 of my previous post.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 16 June 2012 - 05:41 PM

dev00790,

Computer appears to be running OK now. Here is the log from Malwarebytes:



Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.16.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DRP :: DRP-PC [administrator]

Protection: Enabled

6/16/2012 8:23:45 AM
mbam-log-2012-06-16 (08-23-45).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 549475
Time elapsed: 4 hour(s), 10 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Regards,

DRP

Edited by DGREW, 16 June 2012 - 05:42 PM.


#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 16 June 2012 - 06:27 PM

Hi

Please do the following next:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Step 2

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 16 June 2012 - 10:18 PM

dev00790,

Hope that I didn't mess up. TDSS found 5 malicious objects - there was no "cure" option only delete skip and quarantine - I selected quarantine. It did not ask to reboot. Hope this wasn't an error - as soon as I did it I regretted it.

Here's the Info that you requeted:





16:33:26.0269 4752 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
16:33:28.0266 4752 ============================================================
16:33:28.0266 4752 Current date / time: 2012/06/16 16:33:28.0266
16:33:28.0266 4752 SystemInfo:
16:33:28.0266 4752
16:33:28.0266 4752 OS Version: 6.1.7601 ServicePack: 1.0
16:33:28.0266 4752 Product type: Workstation
16:33:28.0266 4752 ComputerName: DRP-PC
16:33:28.0266 4752 UserName: DRP
16:33:28.0266 4752 Windows directory: C:\Windows
16:33:28.0266 4752 System windows directory: C:\Windows
16:33:28.0266 4752 Running under WOW64
16:33:28.0266 4752 Processor architecture: Intel x64
16:33:28.0266 4752 Number of processors: 2
16:33:28.0266 4752 Page size: 0x1000
16:33:28.0266 4752 Boot type: Normal boot
16:33:28.0266 4752 ============================================================
16:33:29.0779 4752 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:33:29.0794 4752 ============================================================
16:33:29.0794 4752 \Device\Harddisk0\DR0:
16:33:29.0794 4752 MBR partitions:
16:33:29.0794 4752 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x1339000
16:33:29.0794 4752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x137C000, BlocksNum 0x1BE49000
16:33:29.0794 4752 ============================================================
16:33:29.0826 4752 C: <-> \Device\Harddisk0\DR0\Partition1
16:33:29.0826 4752 ============================================================
16:33:29.0826 4752 Initialize success
16:33:29.0826 4752 ============================================================
16:34:13.0724 3944 ============================================================
16:34:13.0724 3944 Scan started
16:34:13.0724 3944 Mode: Manual; SigCheck; TDLFS;
16:34:13.0724 3944 ============================================================
16:34:15.0019 3944 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:34:15.0300 3944 1394ohci - ok
16:34:15.0393 3944 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:34:15.0456 3944 ACPI - ok
16:34:15.0487 3944 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:34:15.0705 3944 AcpiPmi - ok
16:34:15.0846 3944 Adobe LM Service (6d182c31acf16213407f2768f1107fe3) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:34:15.0877 3944 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
16:34:15.0877 3944 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
16:34:16.0033 3944 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:34:16.0064 3944 AdobeARMservice - ok
16:34:16.0251 3944 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:34:16.0298 3944 AdobeFlashPlayerUpdateSvc - ok
16:34:16.0376 3944 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:34:16.0470 3944 adp94xx - ok
16:34:16.0517 3944 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:34:16.0548 3944 adpahci - ok
16:34:16.0579 3944 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:34:16.0641 3944 adpu320 - ok
16:34:16.0704 3944 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:34:16.0922 3944 AeLookupSvc - ok
16:34:17.0047 3944 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:34:17.0219 3944 AFD - ok
16:34:17.0234 3944 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:34:17.0250 3944 agp440 - ok
16:34:17.0265 3944 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:34:17.0390 3944 ALG - ok
16:34:17.0437 3944 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:34:17.0499 3944 aliide - ok
16:34:17.0531 3944 AMD External Events Utility (9a5495edebe7d6b3f7e9a86ebe5ea248) C:\Windows\system32\atiesrxx.exe
16:34:17.0733 3944 AMD External Events Utility - ok
16:34:17.0749 3944 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:34:17.0780 3944 amdide - ok
16:34:17.0827 3944 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:34:17.0889 3944 AmdK8 - ok
16:34:17.0921 3944 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:34:17.0999 3944 AmdPPM - ok
16:34:18.0045 3944 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:34:18.0139 3944 amdsata - ok
16:34:18.0170 3944 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:34:18.0248 3944 amdsbs - ok
16:34:18.0264 3944 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:34:18.0311 3944 amdxata - ok
16:34:18.0342 3944 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:34:18.0529 3944 AppID - ok
16:34:18.0560 3944 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:34:18.0669 3944 AppIDSvc - ok
16:34:18.0701 3944 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:34:18.0825 3944 Appinfo - ok
16:34:18.0950 3944 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:34:19.0013 3944 Apple Mobile Device - ok
16:34:19.0059 3944 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
16:34:19.0122 3944 AppMgmt - ok
16:34:19.0169 3944 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:34:19.0184 3944 arc - ok
16:34:19.0215 3944 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:34:19.0278 3944 arcsas - ok
16:34:19.0465 3944 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:34:19.0512 3944 aspnet_state - ok
16:34:19.0527 3944 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:34:19.0637 3944 AsyncMac - ok
16:34:19.0668 3944 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:34:19.0668 3944 atapi - ok
16:34:19.0699 3944 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys
16:34:19.0761 3944 AtiHdmiService - ok
16:34:20.0246 3944 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys
16:34:20.0574 3944 atikmdag - ok
16:34:20.0808 3944 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:34:20.0948 3944 AudioEndpointBuilder - ok
16:34:20.0948 3944 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:34:20.0995 3944 AudioSrv - ok
16:34:21.0026 3944 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:34:21.0152 3944 AxInstSV - ok
16:34:21.0292 3944 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:34:21.0448 3944 b06bdrv - ok
16:34:21.0557 3944 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:34:21.0667 3944 b57nd60a - ok
16:34:21.0854 3944 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:34:21.0916 3944 BBSvc - ok
16:34:21.0947 3944 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
16:34:22.0131 3944 BCM42RLY - ok
16:34:22.0396 3944 BCM43XX (f4cd5f52850bf2c978de178f256ba372) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:34:22.0474 3944 BCM43XX - ok
16:34:22.0646 3944 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:34:22.0739 3944 BDESVC - ok
16:34:22.0786 3944 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:34:22.0973 3944 Beep - ok
16:34:23.0051 3944 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:34:23.0145 3944 BFE - ok
16:34:23.0239 3944 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:34:23.0410 3944 BITS - ok
16:34:23.0441 3944 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:34:23.0519 3944 blbdrive - ok
16:34:23.0660 3944 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:34:23.0707 3944 Bonjour Service - ok
16:34:23.0722 3944 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:34:23.0800 3944 bowser - ok
16:34:23.0831 3944 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:34:23.0941 3944 BrFiltLo - ok
16:34:23.0956 3944 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:34:24.0003 3944 BrFiltUp - ok
16:34:24.0050 3944 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:34:24.0190 3944 Browser - ok
16:34:24.0221 3944 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:34:24.0331 3944 Brserid - ok
16:34:24.0362 3944 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:34:24.0393 3944 BrSerWdm - ok
16:34:24.0424 3944 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:34:24.0471 3944 BrUsbMdm - ok
16:34:24.0487 3944 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:34:24.0565 3944 BrUsbSer - ok
16:34:24.0611 3944 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:34:24.0674 3944 BTHMODEM - ok
16:34:24.0721 3944 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:34:24.0892 3944 bthserv - ok
16:34:24.0955 3944 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:34:25.0048 3944 cdfs - ok
16:34:25.0079 3944 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:34:25.0157 3944 cdrom - ok
16:34:25.0189 3944 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:34:25.0391 3944 CertPropSvc - ok
16:34:25.0438 3944 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
16:34:25.0485 3944 cfwids - ok
16:34:25.0516 3944 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:34:25.0594 3944 circlass - ok
16:34:25.0641 3944 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:34:25.0703 3944 CLFS - ok
16:34:25.0797 3944 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:34:25.0844 3944 clr_optimization_v2.0.50727_32 - ok
16:34:25.0937 3944 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:34:25.0984 3944 clr_optimization_v2.0.50727_64 - ok
16:34:26.0078 3944 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:34:26.0109 3944 clr_optimization_v4.0.30319_32 - ok
16:34:26.0187 3944 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:34:26.0218 3944 clr_optimization_v4.0.30319_64 - ok
16:34:26.0281 3944 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:34:26.0343 3944 CmBatt - ok
16:34:26.0374 3944 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:34:26.0390 3944 cmdide - ok
16:34:26.0452 3944 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:34:26.0483 3944 CNG - ok
16:34:26.0499 3944 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:34:26.0515 3944 Compbatt - ok
16:34:26.0530 3944 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:34:26.0671 3944 CompositeBus - ok
16:34:26.0686 3944 COMSysApp - ok
16:34:26.0702 3944 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:34:26.0749 3944 crcdisk - ok
16:34:26.0811 3944 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:34:26.0905 3944 CryptSvc - ok
16:34:26.0967 3944 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
16:34:27.0217 3944 CSC - ok
16:34:27.0326 3944 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
16:34:27.0404 3944 CscService - ok
16:34:27.0482 3944 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys
16:34:27.0622 3944 dc3d - ok
16:34:27.0716 3944 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:34:27.0841 3944 DcomLaunch - ok
16:34:27.0887 3944 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:34:28.0043 3944 defragsvc - ok
16:34:28.0075 3944 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:34:28.0199 3944 DfsC - ok
16:34:28.0231 3944 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:34:28.0355 3944 Dhcp - ok
16:34:28.0387 3944 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:34:28.0511 3944 discache - ok
16:34:28.0574 3944 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:34:28.0621 3944 Disk - ok
16:34:28.0667 3944 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:34:28.0792 3944 Dnscache - ok
16:34:28.0870 3944 DockLoginService - ok
16:34:28.0917 3944 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:34:29.0057 3944 dot3svc - ok
16:34:29.0104 3944 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:34:29.0198 3944 Dot4 - ok
16:34:29.0229 3944 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:34:29.0432 3944 Dot4Print - ok
16:34:29.0463 3944 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:34:29.0510 3944 dot4usb - ok
16:34:29.0557 3944 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:34:29.0681 3944 DPS - ok
16:34:29.0713 3944 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:34:29.0744 3944 drmkaud - ok
16:34:29.0869 3944 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:34:30.0040 3944 DXGKrnl - ok
16:34:30.0165 3944 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:34:30.0259 3944 EapHost - ok
16:34:30.0555 3944 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:34:30.0773 3944 ebdrv - ok
16:34:30.0929 3944 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:34:31.0163 3944 EFS - ok
16:34:31.0288 3944 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:34:31.0413 3944 ehRecvr - ok
16:34:31.0444 3944 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:34:31.0507 3944 ehSched - ok
16:34:31.0663 3944 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:34:31.0741 3944 elxstor - ok
16:34:31.0756 3944 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:34:31.0787 3944 ErrDev - ok
16:34:31.0897 3944 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:34:32.0053 3944 EventSystem - ok
16:34:32.0068 3944 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:34:32.0255 3944 exfat - ok
16:34:32.0287 3944 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:34:32.0396 3944 fastfat - ok
16:34:32.0505 3944 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:34:32.0645 3944 Fax - ok
16:34:32.0661 3944 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:34:32.0739 3944 fdc - ok
16:34:32.0786 3944 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:34:32.0895 3944 fdPHost - ok
16:34:32.0926 3944 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:34:32.0989 3944 FDResPub - ok
16:34:33.0004 3944 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:34:33.0020 3944 FileInfo - ok
16:34:33.0035 3944 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:34:33.0191 3944 Filetrace - ok
16:34:33.0207 3944 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:34:33.0223 3944 flpydisk - ok
16:34:33.0269 3944 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:34:33.0332 3944 FltMgr - ok
16:34:33.0441 3944 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:34:33.0597 3944 FontCache - ok
16:34:33.0737 3944 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:34:33.0769 3944 FontCache3.0.0.0 - ok
16:34:33.0831 3944 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:34:33.0878 3944 FsDepends - ok
16:34:33.0909 3944 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:34:34.0096 3944 fssfltr - ok
16:34:34.0346 3944 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:34:34.0439 3944 fsssvc - ok
16:34:34.0595 3944 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:34:34.0751 3944 Fs_Rec - ok
16:34:34.0829 3944 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:34:34.0907 3944 fvevol - ok
16:34:34.0939 3944 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:34:34.0954 3944 gagp30kx - ok
16:34:34.0954 3944 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:34:35.0001 3944 GEARAspiWDM - ok
16:34:35.0110 3944 GoToAssist (8f6ae606eb0cc884ee12c41948424422) C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
16:34:35.0141 3944 GoToAssist - ok
16:34:35.0235 3944 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:34:35.0360 3944 gpsvc - ok
16:34:35.0391 3944 grmnusb (2ed7ff3e1ada4092632393781518b3a7) C:\Windows\system32\drivers\grmnusb.sys
16:34:35.0516 3944 grmnusb - ok
16:34:35.0656 3944 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:34:35.0672 3944 gupdate - ok
16:34:35.0687 3944 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:34:35.0687 3944 gupdatem - ok
16:34:35.0750 3944 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:34:35.0781 3944 gusvc - ok
16:34:35.0953 3944 HauppaugeTVServer (615cf0ace0b3bd7931e6bb4653e27523) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
16:34:35.0999 3944 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
16:34:35.0999 3944 HauppaugeTVServer - detected UnsignedFile.Multi.Generic (1)
16:34:36.0062 3944 hcw72ADFilter (f531c096d13a9e12b143db770814de92) C:\Windows\system32\DRIVERS\hcw72ADFilter.sys
16:34:36.0218 3944 hcw72ADFilter - ok
16:34:36.0405 3944 hcw72ATV (0496f2a26a9b45412c5cc096d451aa22) C:\Windows\system32\DRIVERS\hcw72ATV.sys
16:34:36.0608 3944 hcw72ATV - ok
16:34:36.0904 3944 hcw72DTV (13d8e1f19e5f461f99c24e50bc987b58) C:\Windows\system32\DRIVERS\hcw72DTV.sys
16:34:37.0029 3944 hcw72DTV - ok
16:34:37.0123 3944 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:34:37.0216 3944 hcw85cir - ok
16:34:37.0279 3944 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:34:37.0435 3944 HdAudAddService - ok
16:34:37.0466 3944 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:34:37.0606 3944 HDAudBus - ok
16:34:37.0637 3944 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:34:37.0684 3944 HidBatt - ok
16:34:37.0715 3944 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:34:37.0793 3944 HidBth - ok
16:34:37.0825 3944 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:34:37.0871 3944 HidIr - ok
16:34:37.0903 3944 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:34:37.0965 3944 hidserv - ok
16:34:37.0996 3944 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:34:38.0059 3944 HidUsb - ok
16:34:38.0090 3944 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:34:38.0121 3944 hkmsvc - ok
16:34:38.0137 3944 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:34:38.0230 3944 HomeGroupListener - ok
16:34:38.0308 3944 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:34:38.0386 3944 HomeGroupProvider - ok
16:34:38.0417 3944 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:34:38.0542 3944 HpSAMD - ok
16:34:38.0605 3944 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:34:38.0761 3944 HTTP - ok
16:34:38.0776 3944 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:34:38.0792 3944 hwpolicy - ok
16:34:38.0807 3944 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:34:38.0854 3944 i8042prt - ok
16:34:38.0917 3944 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:34:39.0041 3944 iaStorV - ok
16:34:39.0260 3944 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:34:39.0447 3944 idsvc - ok
16:34:39.0587 3944 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:34:39.0634 3944 iirsp - ok
16:34:39.0775 3944 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:34:39.0931 3944 IKEEXT - ok
16:34:39.0962 3944 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:34:39.0977 3944 intelide - ok
16:34:39.0993 3944 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:34:40.0055 3944 intelppm - ok
16:34:40.0102 3944 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:34:40.0180 3944 IPBusEnum - ok
16:34:40.0211 3944 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:34:40.0305 3944 IpFilterDriver - ok
16:34:40.0352 3944 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:34:40.0430 3944 iphlpsvc - ok
16:34:40.0461 3944 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:34:40.0570 3944 IPMIDRV - ok
16:34:40.0617 3944 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:34:40.0804 3944 IPNAT - ok
16:34:41.0023 3944 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:34:41.0085 3944 iPod Service - ok
16:34:41.0116 3944 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:34:41.0163 3944 IRENUM - ok
16:34:41.0179 3944 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:34:41.0225 3944 isapnp - ok
16:34:41.0272 3944 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:34:41.0381 3944 iScsiPrt - ok
16:34:41.0413 3944 itecir (8d990a44b4f2b68e2c56a3724ec3eb84) C:\Windows\system32\DRIVERS\itecir.sys
16:34:41.0459 3944 itecir - ok
16:34:41.0491 3944 ivusb (bd5bf20ec242e003a2f570b8754a56d1) C:\Windows\system32\DRIVERS\ivusb.sys
16:34:41.0600 3944 ivusb - ok
16:34:41.0631 3944 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\Windows\system32\DRIVERS\k57nd60a.sys
16:34:41.0740 3944 k57nd60a - ok
16:34:41.0756 3944 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:34:41.0803 3944 kbdclass - ok
16:34:41.0818 3944 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:34:41.0896 3944 kbdhid - ok
16:34:41.0912 3944 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:34:42.0021 3944 KeyIso - ok
16:34:42.0052 3944 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:34:42.0083 3944 KSecDD - ok
16:34:42.0146 3944 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:34:42.0208 3944 KSecPkg - ok
16:34:42.0224 3944 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:34:42.0302 3944 ksthunk - ok
16:34:42.0349 3944 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:34:42.0551 3944 KtmRm - ok
16:34:42.0629 3944 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:34:42.0754 3944 LanmanServer - ok
16:34:42.0817 3944 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:34:42.0957 3944 LanmanWorkstation - ok
16:34:42.0988 3944 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:34:43.0097 3944 lltdio - ok
16:34:43.0129 3944 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:34:43.0207 3944 lltdsvc - ok
16:34:43.0222 3944 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:34:43.0269 3944 lmhosts - ok
16:34:43.0300 3944 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:34:43.0316 3944 LSI_FC - ok
16:34:43.0331 3944 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:34:43.0347 3944 LSI_SAS - ok
16:34:43.0363 3944 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:34:43.0409 3944 LSI_SAS2 - ok
16:34:43.0456 3944 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:34:43.0519 3944 LSI_SCSI - ok
16:34:43.0550 3944 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:34:43.0706 3944 luafv - ok
16:34:43.0768 3944 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:34:43.0815 3944 MBAMProtector - ok
16:34:43.0940 3944 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:34:43.0987 3944 MBAMService - ok
16:34:44.0158 3944 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:44.0205 3944 McAfee SiteAdvisor Service - ok
16:34:44.0314 3944 McComponentHostService (fd3ad5e1ecdaa94a89d6697f5c5465d6) C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
16:34:44.0361 3944 McComponentHostService - ok
16:34:44.0392 3944 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:44.0408 3944 McMPFSvc - ok
16:34:44.0423 3944 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:44.0439 3944 mcmscsvc - ok
16:34:44.0439 3944 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:44.0455 3944 McNaiAnn - ok
16:34:44.0470 3944 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:44.0486 3944 McNASvc - ok
16:34:44.0657 3944 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe
16:34:44.0704 3944 McODS - ok
16:34:44.0720 3944 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:44.0767 3944 McProxy - ok
16:34:44.0845 3944 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:34:44.0891 3944 McShield - ok
16:34:45.0047 3944 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:34:45.0188 3944 Mcx2Svc - ok
16:34:45.0297 3944 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:34:45.0344 3944 megasas - ok
16:34:45.0375 3944 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:34:45.0406 3944 MegaSR - ok
16:34:45.0453 3944 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
16:34:45.0500 3944 mfeapfk - ok
16:34:45.0562 3944 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
16:34:45.0656 3944 mfeavfk - ok
16:34:45.0687 3944 mfeavfk01 - ok
16:34:45.0734 3944 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:34:45.0812 3944 mfefire - ok
16:34:45.0859 3944 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
16:34:45.0874 3944 mfefirek - ok
16:34:45.0952 3944 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
16:34:46.0030 3944 mfehidk - ok
16:34:46.0061 3944 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:34:46.0155 3944 mfenlfk - ok
16:34:46.0202 3944 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
16:34:46.0249 3944 mferkdet - ok
16:34:46.0295 3944 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
16:34:46.0311 3944 mfevtp - ok
16:34:46.0342 3944 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
16:34:46.0405 3944 mfewfpk - ok
16:34:46.0467 3944 MHIKEY10 (e805a347ab28ad569c5ced370a966d80) C:\Windows\system32\Drivers\MHIKEY10x64.sys
16:34:46.0670 3944 MHIKEY10 - ok
16:34:46.0732 3944 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:34:46.0873 3944 MMCSS - ok
16:34:46.0888 3944 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:34:46.0966 3944 Modem - ok
16:34:46.0997 3944 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:34:47.0029 3944 monitor - ok
16:34:47.0060 3944 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:34:47.0107 3944 mouclass - ok
16:34:47.0138 3944 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:34:47.0216 3944 mouhid - ok
16:34:47.0247 3944 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:34:47.0278 3944 mountmgr - ok
16:34:47.0294 3944 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:34:47.0403 3944 mpio - ok
16:34:47.0419 3944 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:34:47.0465 3944 mpsdrv - ok
16:34:47.0528 3944 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:34:47.0637 3944 MpsSvc - ok
16:34:47.0668 3944 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:34:47.0762 3944 MRxDAV - ok
16:34:47.0809 3944 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:34:47.0918 3944 mrxsmb - ok
16:34:47.0996 3944 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:34:48.0152 3944 mrxsmb10 - ok
16:34:48.0183 3944 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:34:48.0370 3944 mrxsmb20 - ok
16:34:48.0386 3944 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:34:48.0417 3944 msahci - ok
16:34:48.0433 3944 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:34:48.0495 3944 msdsm - ok
16:34:48.0511 3944 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:34:48.0573 3944 MSDTC - ok
16:34:48.0620 3944 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:34:48.0745 3944 Msfs - ok
16:34:48.0745 3944 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:34:48.0791 3944 mshidkmdf - ok
16:34:48.0807 3944 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:34:48.0823 3944 msisadrv - ok
16:34:48.0869 3944 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:34:48.0963 3944 MSiSCSI - ok
16:34:48.0963 3944 msiserver - ok
16:34:49.0150 3944 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:34:49.0181 3944 MSK80Service - ok
16:34:49.0213 3944 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:34:49.0322 3944 MSKSSRV - ok
16:34:49.0369 3944 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:34:49.0509 3944 MSPCLOCK - ok
16:34:49.0525 3944 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:34:49.0681 3944 MSPQM - ok
16:34:49.0712 3944 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:34:49.0743 3944 MsRPC - ok
16:34:49.0759 3944 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:34:49.0805 3944 mssmbios - ok
16:34:49.0899 3944 MSSQL$SQLEXPRESS - ok
16:34:50.0024 3944 MSSQLServerADHelper100 (04ef36eaf5c4dbce424d81b76f1e9231) C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:34:50.0055 3944 MSSQLServerADHelper100 - ok
16:34:50.0086 3944 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:34:50.0258 3944 MSTEE - ok
16:34:50.0289 3944 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:34:50.0305 3944 MTConfig - ok
16:34:50.0320 3944 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:34:50.0336 3944 Mup - ok
16:34:50.0414 3944 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:34:50.0570 3944 napagent - ok
16:34:50.0617 3944 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:34:50.0710 3944 NativeWifiP - ok
16:34:50.0804 3944 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:34:50.0882 3944 NDIS - ok
16:34:50.0897 3944 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:34:50.0991 3944 NdisCap - ok
16:34:51.0007 3944 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:34:51.0053 3944 NdisTapi - ok
16:34:51.0069 3944 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:34:51.0131 3944 Ndisuio - ok
16:34:51.0163 3944 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:34:51.0397 3944 NdisWan - ok
16:34:51.0428 3944 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:34:51.0506 3944 NDProxy - ok
16:34:51.0553 3944 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
16:34:51.0677 3944 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:34:51.0677 3944 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:34:51.0709 3944 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:34:51.0880 3944 NetBIOS - ok
16:34:51.0927 3944 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:34:51.0989 3944 NetBT - ok
16:34:52.0036 3944 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:34:52.0114 3944 Netlogon - ok
16:34:52.0192 3944 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:34:52.0333 3944 Netman - ok
16:34:52.0535 3944 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:34:52.0567 3944 NetMsmqActivator - ok
16:34:52.0582 3944 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:34:52.0613 3944 NetPipeActivator - ok
16:34:52.0660 3944 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:34:52.0738 3944 netprofm - ok
16:34:52.0754 3944 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:34:52.0754 3944 NetTcpActivator - ok
16:34:52.0769 3944 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:34:52.0769 3944 NetTcpPortSharing - ok
16:34:52.0847 3944 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:34:52.0863 3944 nfrd960 - ok
16:34:52.0910 3944 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:34:53.0003 3944 NlaSvc - ok
16:34:53.0003 3944 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:34:53.0081 3944 Npfs - ok
16:34:53.0081 3944 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:34:53.0128 3944 nsi - ok
16:34:53.0144 3944 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:34:53.0191 3944 nsiproxy - ok
16:34:53.0347 3944 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:34:53.0471 3944 Ntfs - ok
16:34:53.0643 3944 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:34:53.0737 3944 Null - ok
16:34:53.0768 3944 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:34:53.0815 3944 nvraid - ok
16:34:53.0830 3944 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:34:53.0908 3944 nvstor - ok
16:34:53.0924 3944 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:34:53.0939 3944 nv_agp - ok
16:34:53.0971 3944 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:34:54.0033 3944 ohci1394 - ok
16:34:54.0142 3944 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:34:54.0173 3944 ose - ok
16:34:54.0251 3944 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:34:54.0345 3944 p2pimsvc - ok
16:34:54.0423 3944 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:34:54.0517 3944 p2psvc - ok
16:34:54.0548 3944 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:34:54.0610 3944 Parport - ok
16:34:54.0657 3944 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:34:54.0704 3944 partmgr - ok
16:34:54.0719 3944 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:34:54.0782 3944 PcaSvc - ok
16:34:54.0891 3944 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
16:34:54.0938 3944 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
16:34:54.0953 3944 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:34:55.0016 3944 pci - ok
16:34:55.0031 3944 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:34:55.0047 3944 pciide - ok
16:34:55.0078 3944 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:34:55.0141 3944 pcmcia - ok
16:34:55.0156 3944 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:34:55.0172 3944 pcw - ok
16:34:55.0219 3944 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:34:55.0390 3944 PEAUTH - ok
16:34:55.0546 3944 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
16:34:55.0687 3944 PeerDistSvc - ok
16:34:55.0858 3944 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:34:55.0921 3944 PerfHost - ok
16:34:56.0139 3944 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:34:56.0326 3944 pla - ok
16:34:56.0420 3944 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:34:56.0529 3944 PlugPlay - ok
16:34:56.0576 3944 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
16:34:56.0623 3944 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:34:56.0623 3944 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:34:56.0654 3944 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:34:56.0716 3944 PNRPAutoReg - ok
16:34:56.0747 3944 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:34:56.0794 3944 PNRPsvc - ok
16:34:56.0888 3944 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
16:34:57.0013 3944 Point64 - ok
16:34:57.0106 3944 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:34:57.0247 3944 PolicyAgent - ok
16:34:57.0278 3944 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:34:57.0387 3944 Power - ok
16:34:57.0449 3944 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:34:57.0637 3944 PptpMiniport - ok
16:34:57.0668 3944 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:34:57.0715 3944 Processor - ok
16:34:57.0793 3944 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:34:57.0902 3944 ProfSvc - ok
16:34:57.0949 3944 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:34:58.0042 3944 ProtectedStorage - ok
16:34:58.0120 3944 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:34:58.0245 3944 Psched - ok
16:34:58.0276 3944 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:34:58.0276 3944 PxHlpa64 - ok
16:34:58.0417 3944 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:34:58.0557 3944 ql2300 - ok
16:34:58.0744 3944 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:34:58.0791 3944 ql40xx - ok
16:34:58.0869 3944 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:34:58.0947 3944 QWAVE - ok
16:34:58.0963 3944 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:34:59.0009 3944 QWAVEdrv - ok
16:34:59.0025 3944 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:34:59.0165 3944 RasAcd - ok
16:34:59.0212 3944 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:34:59.0306 3944 RasAgileVpn - ok
16:34:59.0337 3944 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:34:59.0446 3944 RasAuto - ok
16:34:59.0477 3944 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:34:59.0696 3944 Rasl2tp - ok
16:34:59.0743 3944 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:34:59.0821 3944 RasMan - ok
16:34:59.0836 3944 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:34:59.0992 3944 RasPppoe - ok
16:35:00.0070 3944 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:35:00.0195 3944 RasSstp - ok
16:35:00.0211 3944 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:35:00.0335 3944 rdbss - ok
16:35:00.0367 3944 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:35:00.0413 3944 rdpbus - ok
16:35:00.0429 3944 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:35:00.0507 3944 RDPCDD - ok
16:35:00.0538 3944 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
16:35:00.0601 3944 RDPDR - ok
16:35:00.0617 3944 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:35:00.0695 3944 RDPENCDD - ok
16:35:00.0695 3944 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:35:00.0742 3944 RDPREFMP - ok
16:35:00.0789 3944 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:35:00.0914 3944 RDPWD - ok
16:35:00.0960 3944 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:35:01.0007 3944 rdyboost - ok
16:35:01.0070 3944 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:35:01.0210 3944 RemoteAccess - ok
16:35:01.0257 3944 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:35:01.0444 3944 RemoteRegistry - ok
16:35:01.0475 3944 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
16:35:01.0648 3944 rimmptsk - ok
16:35:01.0679 3944 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
16:35:01.0835 3944 rimsptsk - ok
16:35:01.0866 3944 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
16:35:01.0960 3944 rismxdp - ok
16:35:02.0225 3944 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
16:35:02.0319 3944 RoxMediaDB10 - ok
16:35:02.0381 3944 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:35:02.0521 3944 RpcEptMapper - ok
16:35:02.0553 3944 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:35:02.0615 3944 RpcLocator - ok
16:35:02.0677 3944 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:35:02.0802 3944 RpcSs - ok
16:35:02.0880 3944 RsFx0150 (eb1c539e621a35a49f7692b0eb565ab9) C:\Windows\system32\DRIVERS\RsFx0150.sys
16:35:02.0974 3944 RsFx0150 - ok
16:35:03.0005 3944 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:35:03.0052 3944 rspndr - ok
16:35:03.0099 3944 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
16:35:03.0239 3944 s3cap - ok
16:35:03.0286 3944 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:35:03.0457 3944 SamSs - ok
16:35:03.0489 3944 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:35:03.0535 3944 sbp2port - ok
16:35:03.0551 3944 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:35:03.0613 3944 SCardSvr - ok
16:35:03.0629 3944 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:35:03.0660 3944 scfilter - ok
16:35:03.0738 3944 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:35:03.0910 3944 Schedule - ok
16:35:03.0941 3944 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:35:04.0050 3944 SCPolicySvc - ok
16:35:04.0066 3944 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:35:04.0206 3944 sdbus - ok
16:35:04.0253 3944 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:35:04.0362 3944 SDRSVC - ok
16:35:04.0518 3944 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:35:04.0565 3944 SeaPort - ok
16:35:04.0596 3944 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:35:04.0690 3944 secdrv - ok
16:35:04.0737 3944 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:35:04.0783 3944 seclogon - ok
16:35:04.0815 3944 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:35:04.0924 3944 SENS - ok
16:35:04.0924 3944 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:35:04.0971 3944 SensrSvc - ok
16:35:05.0189 3944 Ser2pl (9f6490423ac3271e84a90a0dd9d30a3b) C:\Windows\system32\DRIVERS\ser2pl64.sys
16:35:05.0345 3944 Ser2pl - ok
16:35:05.0361 3944 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:35:05.0407 3944 Serenum - ok
16:35:05.0454 3944 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:35:05.0517 3944 Serial - ok
16:35:05.0532 3944 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:35:05.0579 3944 sermouse - ok
16:35:05.0626 3944 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:35:05.0766 3944 SessionEnv - ok
16:35:05.0782 3944 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:35:05.0860 3944 sffdisk - ok
16:35:05.0891 3944 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:35:05.0938 3944 sffp_mmc - ok
16:35:05.0969 3944 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:35:06.0109 3944 sffp_sd - ok
16:35:06.0125 3944 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:35:06.0187 3944 sfloppy - ok
16:35:06.0265 3944 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:35:06.0375 3944 SharedAccess - ok
16:35:06.0453 3944 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:35:06.0577 3944 ShellHWDetection - ok
16:35:06.0609 3944 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:35:06.0624 3944 SiSRaid2 - ok
16:35:06.0640 3944 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:35:06.0655 3944 SiSRaid4 - ok
16:35:06.0687 3944 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:35:06.0733 3944 Smb - ok
16:35:06.0765 3944 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:35:06.0843 3944 SNMPTRAP - ok
16:35:06.0858 3944 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:35:06.0905 3944 spldr - ok
16:35:06.0936 3944 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:35:06.0967 3944 Spooler - ok
16:35:07.0264 3944 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:35:07.0373 3944 sppsvc - ok
16:35:07.0498 3944 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:35:07.0623 3944 sppuinotify - ok
16:35:07.0810 3944 SQLAgent$SQLEXPRESS (bea7fea5bb31eb58d78971f821ae6844) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
16:35:07.0919 3944 SQLAgent$SQLEXPRESS - ok
16:35:08.0044 3944 SQLBrowser (7d67c07c63796775cc5492bcfeaff125) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:35:08.0091 3944 SQLBrowser - ok
16:35:08.0184 3944 SQLWriter (f98ddfbfe0ee66d4c4b00693512b9527) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:35:08.0215 3944 SQLWriter - ok
16:35:08.0356 3944 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:35:08.0465 3944 srv - ok
16:35:08.0512 3944 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:35:08.0590 3944 srv2 - ok
16:35:08.0621 3944 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:35:08.0715 3944 srvnet - ok
16:35:08.0746 3944 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:35:08.0902 3944 SSDPSRV - ok
16:35:08.0917 3944 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:35:08.0980 3944 SstpSvc - ok
16:35:08.0995 3944 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:35:09.0011 3944 stexstor - ok
16:35:09.0105 3944 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:35:09.0229 3944 stisvc - ok
16:35:09.0339 3944 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:35:09.0370 3944 stllssvr - ok
16:35:09.0401 3944 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
16:35:09.0448 3944 storflt - ok
16:35:09.0479 3944 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
16:35:09.0526 3944 StorSvc - ok
16:35:09.0557 3944 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
16:35:09.0635 3944 storvsc - ok
16:35:09.0651 3944 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:35:09.0666 3944 swenum - ok
16:35:09.0697 3944 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:35:09.0775 3944 swprv - ok
16:35:09.0885 3944 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys
16:35:09.0994 3944 SynTP - ok
16:35:10.0165 3944 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:35:10.0321 3944 SysMain - ok
16:35:10.0446 3944 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:35:10.0555 3944 TabletInputService - ok
16:35:10.0618 3944 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:35:10.0743 3944 TapiSrv - ok
16:35:10.0774 3944 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:35:10.0867 3944 TBS - ok
16:35:11.0086 3944 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:35:11.0226 3944 Tcpip - ok
16:35:11.0429 3944 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:35:11.0507 3944 TCPIP6 - ok
16:35:11.0585 3944 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:35:11.0788 3944 tcpipreg - ok
16:35:11.0819 3944 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:35:11.0881 3944 TDPIPE - ok
16:35:11.0928 3944 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:35:12.0053 3944 TDTCP - ok
16:35:12.0100 3944 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:35:12.0225 3944 tdx - ok
16:35:12.0225 3944 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:35:12.0271 3944 TermDD - ok
16:35:12.0318 3944 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:35:12.0412 3944 TermService - ok
16:35:12.0443 3944 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:35:12.0474 3944 Themes - ok
16:35:12.0521 3944 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:35:12.0661 3944 THREADORDER - ok
16:35:12.0693 3944 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:35:12.0864 3944 TrkWks - ok
16:35:12.0942 3944 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:35:13.0020 3944 TrustedInstaller - ok
16:35:13.0036 3944 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:35:13.0083 3944 tssecsrv - ok
16:35:13.0129 3944 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:35:13.0176 3944 TsUsbFlt - ok
16:35:13.0207 3944 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:35:13.0348 3944 tunnel - ok
16:35:13.0379 3944 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:35:13.0395 3944 uagp35 - ok
16:35:13.0426 3944 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:35:13.0597 3944 udfs - ok
16:35:13.0644 3944 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:35:13.0660 3944 UI0Detect - ok
16:35:13.0691 3944 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:35:13.0738 3944 uliagpkx - ok
16:35:13.0769 3944 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:35:13.0831 3944 umbus - ok
16:35:13.0863 3944 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:35:13.0941 3944 UmPass - ok
16:35:13.0987 3944 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
16:35:14.0050 3944 UmRdpService - ok
16:35:14.0097 3944 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:35:14.0284 3944 upnphost - ok
16:35:14.0377 3944 USB28xxBGA (e68adc602cd39b28ae844131a3d3762c) C:\Windows\system32\DRIVERS\emBDA64.sys
16:35:14.0565 3944 USB28xxBGA - ok
16:35:14.0580 3944 USB28xxOEM (859a05f09f7d5cad8b77d4563ce53e51) C:\Windows\system32\DRIVERS\emOEM64.sys
16:35:14.0674 3944 USB28xxOEM - ok
16:35:14.0721 3944 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:35:14.0814 3944 USBAAPL64 - ok
16:35:14.0877 3944 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:35:15.0111 3944 usbaudio - ok
16:35:15.0142 3944 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:35:15.0220 3944 usbccgp - ok
16:35:15.0235 3944 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:35:15.0251 3944 usbcir - ok
16:35:15.0267 3944 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:35:15.0345 3944 usbehci - ok
16:35:15.0407 3944 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:35:15.0516 3944 usbhub - ok
16:35:15.0532 3944 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:35:15.0610 3944 usbohci - ok
16:35:15.0641 3944 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:35:15.0703 3944 usbprint - ok
16:35:15.0750 3944 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:35:15.0828 3944 usbscan - ok
16:35:15.0859 3944 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:35:16.0047 3944 USBSTOR - ok
16:35:16.0062 3944 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
16:35:16.0265 3944 usbuhci - ok
16:35:16.0312 3944 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:35:16.0421 3944 usbvideo - ok
16:35:16.0468 3944 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:35:16.0624 3944 UxSms - ok
16:35:16.0655 3944 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:35:16.0717 3944 VaultSvc - ok
16:35:16.0717 3944 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:35:16.0733 3944 vdrvroot - ok
16:35:16.0764 3944 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:35:16.0842 3944 vds - ok
16:35:16.0858 3944 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:35:16.0889 3944 vga - ok
16:35:16.0889 3944 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:35:17.0045 3944 VgaSave - ok
16:35:17.0076 3944 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:35:17.0232 3944 vhdmp - ok
16:35:17.0248 3944 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:35:17.0310 3944 viaide - ok
16:35:17.0341 3944 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
16:35:17.0357 3944 vmbus - ok
16:35:17.0373 3944 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
16:35:17.0466 3944 VMBusHID - ok
16:35:17.0497 3944 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:35:17.0513 3944 volmgr - ok
16:35:17.0560 3944 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:35:17.0622 3944 volmgrx - ok
16:35:17.0653 3944 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:35:17.0731 3944 volsnap - ok
16:35:17.0763 3944 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:35:17.0794 3944 vsmraid - ok
16:35:18.0012 3944 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:35:18.0184 3944 VSS - ok
16:35:18.0371 3944 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:35:18.0449 3944 vwifibus - ok
16:35:18.0480 3944 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:35:18.0527 3944 vwififlt - ok
16:35:18.0558 3944 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:35:18.0667 3944 W32Time - ok
16:35:18.0683 3944 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:35:18.0699 3944 WacomPen - ok
16:35:18.0745 3944 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:35:18.0933 3944 WANARP - ok
16:35:18.0964 3944 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:35:18.0995 3944 Wanarpv6 - ok
16:35:19.0135 3944 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:35:19.0245 3944 WatAdminSvc - ok
16:35:19.0369 3944 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:35:19.0494 3944 wbengine - ok
16:35:19.0635 3944 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:35:19.0681 3944 WbioSrvc - ok
16:35:19.0713 3944 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:35:19.0822 3944 wcncsvc - ok
16:35:19.0853 3944 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:35:19.0915 3944 WcsPlugInService - ok
16:35:20.0009 3944 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:35:20.0056 3944 Wd - ok
16:35:20.0087 3944 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
16:35:20.0165 3944 WDC_SAM - ok
16:35:20.0243 3944 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:35:20.0305 3944 Wdf01000 - ok
16:35:20.0337 3944 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:35:20.0446 3944 WdiServiceHost - ok
16:35:20.0461 3944 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:35:20.0524 3944 WdiSystemHost - ok
16:35:20.0602 3944 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:35:20.0711 3944 WebClient - ok
16:35:20.0758 3944 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:35:20.0898 3944 Wecsvc - ok
16:35:20.0929 3944 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:35:20.0992 3944 wercplsupport - ok
16:35:21.0023 3944 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:35:21.0117 3944 WerSvc - ok
16:35:21.0132 3944 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:35:21.0226 3944 WfpLwf - ok
16:35:21.0241 3944 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:35:21.0257 3944 WIMMount - ok
16:35:21.0335 3944 WinDefend - ok
16:35:21.0351 3944 WinHttpAutoProxySvc - ok
16:35:21.0444 3944 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:35:21.0616 3944 Winmgmt - ok
16:35:21.0741 3944 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:35:21.0881 3944 WinRM - ok
16:35:22.0053 3944 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:35:22.0162 3944 WinUsb - ok
16:35:22.0240 3944 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:35:22.0365 3944 Wlansvc - ok
16:35:22.0474 3944 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:35:22.0521 3944 wlcrasvc - ok
16:35:22.0786 3944 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:35:22.0879 3944 wlidsvc - ok
16:35:22.0926 3944 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
16:35:22.0942 3944 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
16:35:22.0942 3944 wltrysvc - detected UnsignedFile.Multi.Generic (1)
16:35:23.0004 3944 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:35:23.0082 3944 WmiAcpi - ok
16:35:23.0145 3944 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:35:23.0191 3944 wmiApSrv - ok
16:35:23.0285 3944 WMPNetworkSvc - ok
16:35:23.0316 3944 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:35:23.0363 3944 WPCSvc - ok
16:35:23.0410 3944 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:35:23.0441 3944 WPDBusEnum - ok
16:35:23.0457 3944 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:35:23.0519 3944 ws2ifsl - ok
16:35:23.0566 3944 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:35:23.0659 3944 wscsvc - ok
16:35:23.0691 3944 WSearch - ok
16:35:23.0925 3944 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:35:24.0127 3944 wuauserv - ok
16:35:24.0252 3944 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:35:24.0361 3944 WudfPf - ok
16:35:24.0408 3944 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:35:24.0658 3944 WUDFRd - ok
16:35:24.0673 3944 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:35:24.0705 3944 wudfsvc - ok
16:35:24.0736 3944 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:35:24.0783 3944 WwanSvc - ok
16:35:24.0845 3944 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:35:25.0219 3944 \Device\Harddisk0\DR0 - ok
16:35:25.0235 3944 Boot (0x1200) (16dd54555f90995e2d3b4bb028a49ea0) \Device\Harddisk0\DR0\Partition0
16:35:25.0235 3944 \Device\Harddisk0\DR0\Partition0 - ok
16:35:25.0266 3944 Boot (0x1200) (adad449361249a4e94ae6f1a5420cd89) \Device\Harddisk0\DR0\Partition1
16:35:25.0266 3944 \Device\Harddisk0\DR0\Partition1 - ok
16:35:25.0266 3944 ============================================================
16:35:25.0266 3944 Scan finished
16:35:25.0266 3944 ============================================================
16:35:25.0297 5012 Detected object count: 5
16:35:25.0297 5012 Actual detected object count: 5
16:36:56.0979 5012 C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - copied to quarantine
16:36:57.0275 5012 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:36:57.0462 5012 C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe - copied to quarantine
16:36:57.0712 5012 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:36:57.0759 5012 C:\Windows\system32\HPZinw12.dll - copied to quarantine
16:36:57.0837 5012 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:36:57.0852 5012 C:\Windows\system32\HPZipm12.dll - copied to quarantine
16:36:57.0884 5012 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:36:58.0008 5012 C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE - copied to quarantine
16:36:58.0102 5012 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine


Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 33
Java 2 Runtime Environment, SE v1.4.2_18
Java version out of date!
Adobe Reader X (10.1.3)
Mozilla Thunderbird (3.1.2) Thunderbird out of Date!
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````



Farbar Service Scanner Version: 09-06-2012
Ran by DRP (administrator) on 16-06-2012 at 16:54:21
Running from "C:\Users\DRP\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 19:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version: 09-06-2012
Ran by DRP (administrator) on 16-06-2012 at 17:00:30
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 14244 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DRP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : earthlink.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-B9-24-43-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ed39:a86b:2aab:494a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 16, 2012 1:43:15 PM
Lease Expires . . . . . . . . . . : Sunday, June 17, 2012 1:43:14 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890937
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : C4-17-FE-A3-EA-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::58dc:8e25:76d:c08d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 16, 2012 1:42:11 PM
Lease Expires . . . . . . . . . . : Sunday, June 17, 2012 10:20:23 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 230955006
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.earthlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10dd:17f1:bd7a:3d7(Preferred)
Link-local IPv6 Address . . . . . : fe80::10dd:17f1:bd7a:3d7%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: google.com
Addresses: 2607:f8b0:4004:801::1006
74.125.228.97
74.125.228.104
74.125.228.98
74.125.228.103
74.125.228.102
74.125.228.99
74.125.228.110
74.125.228.105
74.125.228.100
74.125.228.101
74.125.228.96


Pinging google.com [74.125.228.14] with 32 bytes of data:
Reply from 74.125.228.14: bytes=32 time=780ms TTL=53
Reply from 74.125.228.14: bytes=32 time=132ms TTL=53

Ping statistics for 74.125.228.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 132ms, Maximum = 780ms, Average = 456ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=274ms TTL=49
Reply from 209.191.122.70: bytes=32 time=114ms TTL=50

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 114ms, Maximum = 274ms, Average = 194ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 4ms, Average = 4ms
===========================================================================
Interface List
11...00 26 b9 24 43 a5 ......Broadcom NetLink ™ Gigabit Ethernet
10...c4 17 fe a3 ea c3 ......Dell Wireless 1397 WLAN Mini-Card
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 25
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.109 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.105 281
192.168.1.0 255.255.255.0 On-link 192.168.1.109 266
192.168.1.105 255.255.255.255 On-link 192.168.1.105 281
192.168.1.109 255.255.255.255 On-link 192.168.1.109 266
192.168.1.255 255.255.255.255 On-link 192.168.1.105 281
192.168.1.255 255.255.255.255 On-link 192.168.1.109 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.109 266
224.0.0.0 240.0.0.0 On-link 192.168.1.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.109 266
255.255.255.255 255.255.255.255 On-link 192.168.1.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:10dd:17f1:bd7a:3d7/128
On-link
11 266 fe80::/64 On-link
10 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::10dd:17f1:bd7a:3d7/128
On-link
10 281 fe80::58dc:8e25:76d:c08d/128
On-link
11 266 fe80::ed39:a86b:2aab:494a/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/16/2012 03:33:17 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16446, time stamp: 0x4fb57c8f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7331c9f1
Faulting process id: 0x12cc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/16/2012 00:35:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/15/2012 00:40:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/14/2012 08:36:22 AM) (Source: MsiInstaller) (User: DRP)DRP
Description: Product: Microsoft Office Professional Edition 2003 -- Error 25091. Setup failed to change the source.

Error: (06/14/2012 04:56:15 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11b4

Start Time: 01cd4a3d99214f75

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (06/14/2012 04:56:12 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ec4

Start Time: 01cd4a3d96ef8ab4

Termination Time: 16

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 0e549980-b631-11e1-a33b-0026b92443a5

Error: (06/14/2012 00:40:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/13/2012 02:29:55 PM) (Source: MsiInstaller) (User: DRP)DRP
Description: Product: Microsoft Office Professional Edition 2003 -- Error 25091. Setup failed to change the source.

Error: (06/13/2012 00:06:31 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (06/13/2012 00:04:29 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3


System errors:
=============
Error: (06/16/2012 01:42:08 PM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (06/16/2012 01:24:35 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (06/16/2012 01:24:34 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (06/16/2012 06:02:40 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error:
%%1053

Error: (06/16/2012 06:02:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

Error: (06/16/2012 06:01:59 AM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (06/16/2012 03:33:15 AM) (Source: DCOM) (User: DRP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}DRP-PCDRPS-1-5-21-751523452-466077293-969968218-1001LocalHost (Using LRPC)

Error: (06/16/2012 03:33:08 AM) (Source: DCOM) (User: DRP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}DRP-PCDRPS-1-5-21-751523452-466077293-969968218-1001LocalHost (Using LRPC)

Error: (06/16/2012 03:32:03 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error:
%%1053

Error: (06/16/2012 03:32:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.


Microsoft Office Sessions:
=========================
Error: (06/16/2012 03:33:17 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164464fb57c8funknown0.0.0.000000000c00000057331c9f112cc01cd4bc49112cf73C:\Program Files (x86)\Internet Explorer\iexplore.exeunknownd415b030-b7b7-11e1-b881-0026b92443a5

Error: (06/16/2012 00:35:46 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/15/2012 00:40:33 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/14/2012 08:36:22 AM) (Source: MsiInstaller)(User: DRP)DRP
Description: Product: Microsoft Office Professional Edition 2003 -- Error 25091. Setup failed to change the source.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/14/2012 04:56:15 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1642111b401cd4a3d99214f750C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (06/14/2012 04:56:12 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16421ec401cd4a3d96ef8ab416C:\Program Files (x86)\Internet Explorer\iexplore.exe0e549980-b631-11e1-a33b-0026b92443a5

Error: (06/14/2012 00:40:42 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/13/2012 02:29:55 PM) (Source: MsiInstaller)(User: DRP)DRP
Description: Product: Microsoft Office Professional Edition 2003 -- Error 25091. Setup failed to change the source.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/13/2012 00:06:31 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: 3

Error: (06/13/2012 00:04:29 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: 3


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
7-Zip 9.20
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe Acrobat 7.0 Professional (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional (Version: 7.1.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
American Airlines - B737 Flight Training
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.0625.1811)
AutoUpdate (Version: 1.1)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Canon MP Navigator 3.0
Canon MP510
Cartes du Ciel V3.2
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Common (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0625.1812.30825)
Catalyst Control Center InstallProxy (Version: 2009.0625.1812.30825)
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825)
ccc-core-static (Version: 2009.0625.1812.30825)
ccc-utility64 (Version: 2009.0625.1812.30825)
CCC Help Chinese Standard (Version: 2009.0625.1811.30825)
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825)
CCC Help Danish (Version: 2009.0625.1811.30825)
CCC Help Dutch (Version: 2009.0625.1811.30825)
CCC Help English (Version: 2009.0625.1811.30825)
CCC Help Finnish (Version: 2009.0625.1811.30825)
CCC Help French (Version: 2009.0625.1811.30825)
CCC Help German (Version: 2009.0625.1811.30825)
CCC Help Italian (Version: 2009.0625.1811.30825)
CCC Help Japanese (Version: 2009.0625.1811.30825)
CCC Help Korean (Version: 2009.0625.1811.30825)
CCC Help Norwegian (Version: 2009.0625.1811.30825)
CCC Help Portuguese (Version: 2009.0625.1811.30825)
CCC Help Russian (Version: 2009.0625.1811.30825)
CCC Help Spanish (Version: 2009.0625.1811.30825)
CCC Help Swedish (Version: 2009.0625.1811.30825)
Cisco Connect (Version: 1.2.10104.2)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.1.5907.39)
Dell Touchpad (Version: 13.2.2.2)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
DirectXInstallService (Version: 9.0.2)
DivX Codec (Version: 6.6.1)
DVD-Cloner V8.40 Build 1010 (Version: 8.40.0.1010)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
File Type Assistant
Final Media Player 2011
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Training Center (Version: 3.6.5)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 19.0.1084.56)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToAssist Corporate (Version: 9.1.0.615)
Hauppauge WinTV 7 (Version: v7.0.29304 (CD 2.4d))
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.6.1.7)
Java 2 Runtime Environment, SE v1.4.2_18 (Version: 1.4.2_18)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 2.1.121.2)
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31010)
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Platform Installer 2.0 (Version: 2.1.1)
Microsoft Works (Version: 9.7.0621)
Mozilla Thunderbird (3.1.2) (Version: 3.1.2 (en-US))
Mozilla Thunderbird (3.1.7) (Version: 3.1.7 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PL-2303 USB-to-Serial (Version: 1.2.10)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerDVD DX (Version: 8.3.6029)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.71.80.42)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Skins (Version: 2009.0625.1812.30825)
Skype™ 5.3 (Version: 5.3.111)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VD64Inst (Version: 1.00.0000)
Web Deployment Tool (Version: 1.1.0618)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)

========================= Devices: ================================

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: G:\
Description: MP510Storage
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Canon
Service: WUDFRd

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: ATI Mobility Radeon HD 4670
Description: ATI Mobility Radeon HD 4670
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: atikmdag

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: McAfee Inc. mferkdet
Description: McAfee Inc. mferkdet
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mferkdet

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Microsoft eHome Remote Control Keyboard keys
Description: Microsoft eHome Remote Control Keyboard keys
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kbdhid

Name: Dell Wireless 1397 WLAN Mini-Card
Description: Dell Wireless 1397 WLAN Mini-Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Description: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus

Name: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver
Description: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PCDSRVC{1E208CE0-FB7451FF-06020101}_0

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: McAfee Inc. mfewfpk
Description: McAfee Inc. mfewfpk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfewfpk

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt

Name: Microsoft eHome MCIR Keyboard
Description: Microsoft eHome MCIR Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kbdhid

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Virtual Machine Bus
Description: Virtual Machine Bus
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vmbus

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft eHome MCIR 109 Keyboard
Description: Microsoft eHome MCIR 109 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kbdhid

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: SyncMaster P2770H/P2770FH (Analog)
Description: SyncMaster P2770H/P2770FH (Analog)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: Samsung
Service: monitor

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Ricoh Memory Stick Controller
Description: Ricoh Memory Stick Host Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Ricoh Company
Service: rimsptsk

Name: BCM42RLY
Description: BCM42RLY
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BCM42RLY

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Canon MP510
Description: Canon MP510
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: usbscan

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Intel® Core™2 Duo CPU P8700 @ 2.53GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft USB Dual Receiver Wireless Keyboard (IntelliType Pro)
Description: Microsoft USB Dual Receiver Wireless Keyboard (IntelliType Pro)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kbdhid

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Prolific USB-to-Serial Comm Port (COM4)
Description: Prolific USB-to-Serial Comm Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Prolific
Service: Ser2pl

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: ATI High Definition Audio Device
Description: ATI High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: AtiHdmiService

Name: Canon MP510Storage USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard AHCI 1.0 Serial ATA Controller
Description: Standard AHCI 1.0 Serial ATA Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard AHCI 1.0 Serial ATA Controller
Service: msahci

Name: Canon MP510 Printer
Description: Canon MP510 Printer
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Canon
Service:

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Mobile Intel® 4 Series Chipset PCI Express Root Port - 2A41
Description: Mobile Intel® 4 Series Chipset PCI Express Root Port - 2A41
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeapfk

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: McAfee Inc. cfwids
Description: McAfee Inc. cfwids
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cfwids

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: Microsoft Mouse and Keyboard Detection Driver (USB)
Description: Microsoft Mouse and Keyboard Detection Driver (USB)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbccgp

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Ricoh 1394 OHCI Compliant Host Controller
Description: Ricoh 1394 OHCI Compliant Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: Ricoh
Service: 1394ohci

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Intel® Core™2 Duo CPU P8700 @ 2.53GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: McAfee Inc. mfeavfk
Description: McAfee Inc. mfeavfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC

Name: Dell Touchpad
Description: Dell Touchpad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: McAfee Inc.
Description: McAfee Inc.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk01

Name: Microsoft Hardware USB Keyboard
Description: Microsoft Hardware USB Keyboard
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidUsb

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: Ricoh SD/MMC Host Controller
Description: Ricoh SD/MMC Host Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Ricoh Company
Service: rimmptsk

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: HL-DT-ST DVD+-RW GA31N ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: McAfee Inc. mfefirek
Description: McAfee Inc. mfefirek
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfefirek

Name: ITECIR Infrared Receiver (EC)
Description: ITECIR Infrared Receiver (EC)
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: ITE Tech.Inc.
Service: itecir

Name: ATA Channel 5
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Integrated Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo

Name: Microsoft USB Dual Receiver Wireless Mouse (IntelliPoint)
Description: Microsoft USB Dual Receiver Wireless Mouse (IntelliPoint)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Ricoh xD-Picture Card Controller
Description: Ricoh xD-Picture Card Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Ricoh Company
Service: rismxdp

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Microsoft Hardware USB Mouse
Description: Microsoft Hardware USB Mouse
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidUsb

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Disk Virtual Machine Bus Acceleration Filter Driver
Description: Disk Virtual Machine Bus Acceleration Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: storflt

Name: WDC WD2500BJKT-75F4T0 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Microsoft eHome Infrared Transceiver
Description: Microsoft eHome Infrared Transceiver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidIr

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: McAfee Inc. mfehidk
Description: McAfee Inc. mfehidk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfehidk

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: McAfee NDIS Light Filter
Description: McAfee NDIS Light Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfenlfk

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:


========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 8156.86 MB
Available physical RAM: 5709.75 MB
Total Pagefile: 16311.9 MB
Available Pagefile: 12859.46 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.88 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.14 GB) (Free:95.9 GB) NTFS

========================= Users: ========================================

User accounts for \\DRP-PC

Administrator DRP Guest

========================= Minidump Files ==================================

========================= Restore Points ==================================

13-06-2012 15:31:32 Installed Java™ 6 Update 33
13-06-2012 21:56:35 Restore Operation
13-06-2012 22:12:23 Installed Java™ 6 Update 33
14-06-2012 00:40:50 Windows Update
14-06-2012 14:54:13 Windows Live Essentials
14-06-2012 16:16:26 Windows Live Essentials
14-06-2012 18:11:02 Windows Update
16-06-2012 03:33:22 Windows Update
16-06-2012 13:00:15 Windows Update
16-06-2012 14:44:17 Windows Update
16-06-2012 23:52:04 Windows Update
17-06-2012 02:15:00 Removed WCF RIA Services V1.0 SP1
17-06-2012 02:15:51 Removed WCF RIA Services V1.0 SP1
17-06-2012 02:19:12 Removed WCF RIA Services V1.0 SP1

**** End of log ****

regards,

DRP

#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 17 June 2012 - 12:22 PM

Hi

Note: If Cure is not an option, Skip instead

Those files that you quarantined did not need to be - they were not malicious.
Please make sure you follow my instructions carefully. If you are not sure on something then stop and ask me.

I am seeking assistance on your logs. Please bear with me.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 17 June 2012 - 12:39 PM

dev00790,

Sorry, will stop and ask for sure about anything else. I did check of the files copied to quarantine and they all are still located in the origianl path - so apparently they were not eliminated. They are also in the quarantined file in shown as a dat file.

The computer appears to be operating normally. No redirects and have been able to connect to Internet without problems.

Again - sorry - hope that I didn't make your job more difficult - will follow all directions to the letter now.

Regards,

DRP

#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 17 June 2012 - 05:09 PM

Hi

In the meantime please do this next:

Please visit the online Jotti Virus Scanner Posted Image<--link
  • Browse to the following filepath:


    C:\Windows\System32\cryptsvc.dll
  • Click on the Posted Image button.
    The scanner will check the file with various AV companies.
  • If Jotti says the file has been scanned before, then click scan again.
  • Copy and paste the results box into a reply to this thread.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 17 June 2012 - 05:34 PM

Hi

Don't forgot my previous post.

  • Next please download and TDSSQlook to your desktop
  • Right click on it, and click Run as Administrator
  • When you are asked to choose an option type A then press enter
  • Post the contents of the file that appears in your next reply.

Edited by dev00790, 17 June 2012 - 05:35 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#12 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 17 June 2012 - 06:01 PM

Hi,

Computer still seems to be working OK.

Here are the requested results:


Filename: cryptsvc.dll
Status: Scan finished. 0 out of 19 scanners reported malware.
Scan taken on: Sat 16 Jun 2012 19:27:40 (CET) Permalink


File size: 140288 bytes
Filetype: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
MD5: 06e771aa596b8761107ab57e99f128d7
SHA1: a280919db12a103b78307ed90384099c47740f72



2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-16 Found nothing

2012-06-16 Found nothing
2012-06-15 Found nothing

2012-06-16 Found nothing
2012-06-15 Found nothing

2012-06-16 Found nothing



TDSSKiller Quarantine Information log
Version 1.0.0.4
***** START SCAN Sun 06/17/2012 12:50:08.39 *****

---------- TDSSKiller logs ----------

TDSSKiller.2.7.40.0_16.06.2012_16.33.26_log.txt

---------- TDSSStarter logs ----------


---------- DIR LIST ----------

C:\TDSSKiller_Quarantine\16.06.2012_16.33.28
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\svc0000
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\svc0000
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\svc0000
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\svc0000\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\svc0000
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\svc0000\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\svc0000
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\svc0000\object.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\svc0000\tsk0000.dta

---------- INI FILES ----------

=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\svc0000\object.ini

[InfectedObject]
Type: Service
Name: Adobe LM Service
Type: n/a (0x10)
Start: Demand (0x3)
ImagePath: "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0000\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
md5: 6d182c31acf16213407f2768f1107fe3


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\svc0000\object.ini

[InfectedObject]
Type: Service
Name: HauppaugeTVServer
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0001\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
md5: 615cf0ace0b3bd7931e6bb4653e27523


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\svc0000\object.ini

[InfectedObject]
Type: Service
Name: Net Driver HPZ12
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: C:\Windows\System32\svchost.exe -k HPZ12


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0002\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\HPZinw12.dll
md5: d5ac41ae382738483faffbd7e373d49a


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\svc0000\object.ini

[InfectedObject]
Type: Service
Name: Pml Driver HPZ12
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: C:\Windows\System32\svchost.exe -k HPZ12


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0003\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\HPZipm12.dll
md5: 37f6046cdc630442d7dc087501ff6fc6


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\svc0000\object.ini

[InfectedObject]
Type: Service
Name: wltrysvc
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: "C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"


=== C:\TDSSKiller_Quarantine\16.06.2012_16.33.28\susp0004\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
md5: 13b0a570e1ae451c92da550085d72cf3




Regards,

DRP

#13 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:07 PM

Posted 18 June 2012 - 04:38 PM

Hi

There is something we would like to check before restoring those erronously quarantined files

Please run Farbar Service Scanner.
Type the following in the edit box after "Search:"

cryptsvc.dll

Click Search Files button and post the log (FSS.txt) it makes in your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#14 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 18 June 2012 - 05:06 PM

dev00790

I will run Farbar Service Scanner right now.

I did check on the quarantined files and they apparently were only "copied" (and renamed) to the quanrantine folder - they still show (in Windows Explorer) as files under their original path. Not questioning you - but don't want to make your job more difficult if they were not removed.

Will get right back as soon as I run Farbar Service Scanner

Regards,

DRP

Edited by DGREW, 19 June 2012 - 10:25 AM.


#15 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 18 June 2012 - 05:20 PM

dev00790,

Here is the info that appeared in Notepad after the FSS search:


Farbar Service Scanner Version: 09-06-2012
Ran by DRP (administrator) on 18-06-2012 at 12:11:32
Microsoft Windows 7 Professional Service Pack 1 (X64)

************************************************
======== Search: "cryptsvc.dll" =========

C:\Windows\System32\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 19:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705

C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 18:28] - 0142336 ____A (Microsoft Corporation) 21993009E0CCB9B4FA195F14D3408626

C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 18:36] - 0140288 ____A (Microsoft Corporation) 06E771AA596B8761107AB57E99F128D7

C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2011-06-02 11:03] - [2010-11-20 02:18] - 0136192 ____A (Microsoft Corporation) A585BEBF7D054BD9618EDA0922D5484A

C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 18:33] - 0141312 ____A (Microsoft Corporation) F522279B4717E2BFF269C771FAC2B78E

C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 18:47] - 0139264 ____A (Microsoft Corporation) 520A108A2657F4BCA7FCED9CA7D885DE

C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2009-07-13 13:33] - [2009-07-13 15:15] - 0135680 ____A (Microsoft Corporation) 9C231178CE4FB385F4B54B0A9080B8A4

C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 19:22] - 0186880 ____A (Microsoft Corporation) B7337E9C9E5936355BB700AA33E0936E

C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 19:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705

C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2011-06-02 11:04] - [2010-11-20 03:25] - 0177152 ____A (Microsoft Corporation) 15597883FBE9B056F276ADA3AD87D9AF

C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 19:36] - 0183808 ____A (Microsoft Corporation) CE8BF1423AEE47DA5275FBC8AD3BD642

C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 19:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009-07-13 13:49] - [2009-07-13 15:40] - 0175104 ____A (Microsoft Corporation) 8C57411B66282C01533CB776F98AD384

C:\Windows\SysWOW64\cryptsvc.dll
[2012-06-14 06:50] - [2012-04-23 18:36] - 0140288 ____A (Microsoft Corporation) 06E771AA596B8761107AB57E99F128D7

====== End Of Search


Regards,
DRP

Edited by DGREW, 19 June 2012 - 10:26 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users