Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TrojanDownloader:Win32/Adload.DA in Action Center


  • This topic is locked This topic is locked
16 replies to this topic

#1 Bill 0

Bill 0

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 23 June 2012 - 01:03 AM

My usual Friday routine is
-run TDS Killer
-update McAfee AV
-run full scan McAFee AV
-run backup

The first 3 steps went normally without any issues being found. On opening Action Center, I'm greeted with:

Remove the TrojanDownloader:Win32/Adload.DA virus from your computer
Windows has detected TrojanDownloader:Win32/Adload.DA, a known computer virus, on your computer.

To remove the virus from your computer, follow these instructions:

Go to the following website:
Microsoft Safety Scanner
Click Download Now, and then follow the instructions on the screen.

The thing that bothers me is that doing a Google search on that alleged trojan gives a lot of hits on very similarly worded websites with dire warnings about this trojan but they all have links to AV software I've never heard of. Searching for information about this supposed Trojan on McAfee's (and Norton's, and Kaspersky's, and Avast's and AVG's)web site turn up nothing.

I did download the Microsoft Safety Scanner, and running in quick mode turned up nothing. It's currently about 1 hour into a full scan and so far again 0 files infected.

Today the computer did have a crash from which Windows recovered without having to reboot the computer, but that's not entirely abnormal (it _is_ a Microsoft OS after all). I haven't gotten any popup ads, nor have there been any unusual browser activity or reports from the McAfee firewall about unusual outgoing requests.

There are so many rogue programs out there that it bothers me that none of the reputable AV sites have any information about this supposed infection, nor does a search on your forum mention this particular malware. However it did appear to be a legitimate Windows Action Center message. I was also puzzled how Action Center would pick this up when the freshly updated AV software didn't, although on further reflection, it may have been part of a "Windows solution" that came from the automatic crash report that got sent back to Microsoft.

So, Am I Infected?

Currently I'm Running Windows 7 Ultimate with SP1 and all Microsoft updates installed and McAfee Security Center 11.0.0678, Virus Scan 15.0.302. TDSKiller is 2.7.41.0.

Bill

Here's an update:

Early this AM I rechecked the computer, and Microsoft safety scanner reported no infected files. However, I did get a firewall warning that Adobe Flash Updater was attempting an outgoing connection. I hadn't received any updates of Adobe Flash, so I did not authorize it. In retrospect I did recently apply the Firefox 13.0 and 13.0.1 updates and soon after that got a firewall warning about Realplayer update making an outgoing connection. As there had been some incompatibility issues between part of Realplayer, Flash, and Firefox, I didn't think that was unusual at the time (an update to resolve the incompatibilities) but retrospectively I'm wondering if that (and this AM's warming) was spyware sending out information. A also ran GMER this morning and got some worrisome findings.

Thanks in advance

Bill

Edited by Bill 0, 23 June 2012 - 08:52 PM.


BC AdBot (Login to Remove)

 


#2 Pizza and Pepsi

Pizza and Pepsi

  • Members
  • 277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:CA
  • Local time:04:35 PM

Posted 26 June 2012 - 12:07 PM

Hello, Bill O and :welcome: to Bleeping Computer!

My name is Pizza and Pepsi and I will try to help you fix your issues. In the event that I am unsuccessful (I hope that doesn't happen), I will direct you to someone with more experience.


:step1: Run rKill and Malwarebytes :


Run RKill....


Download and Run RKill

Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4


Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.

Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)

A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.

If nothing happens or if the tool does not run, please let me know in your next reply



Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.



If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next, run Malwarebytes:


Please download Malwarebytes Anti-Malware and save it to your desktop.





Make sure you are connected to the Internet and double-click on the file to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself. Press the OK button and continue.


Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
Click on the Scan button.
When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
Make sure that everything is checked and then click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
Exit Malwarebytes when done.


Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).




Please ask any needed questions,post logs and let me know how the PC is running now.
Malware shall not pass!

#3 Bill 0

Bill 0
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 26 June 2012 - 08:30 PM

OK,

-Ran rkill, and it did end some processes.

-Ran Malwarebytes and got the following log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.26.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
root :: HUTCHENS [administrator]

6/26/2012 6:01:37 PM
mbam-log-2012-06-26 (18-01-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 333645
Time elapsed: 6 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Farnoosh\Downloads\MyFunCards.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

(end)

Malwarebytes requested a reboot, and I did so.

It's difficult to tell if things are better, because I wasn't really having any symptoms of malware other than the original Action Center message from Friday telling me that I had "TrojanDownloader:Win32/Adload.DA" as the cause of a crash. I do remember seeing my wife doing something with Fun Cards a long time ago (the malware file was in her account), but we haven't been having any symptoms of pop up ads, etc. Also, I did receive a suspicious e-mail on my account within the last week that in retrospect could have been a vector for a trojan. Since I wasn't sure if the funcards program was the same as the trojandownloader that Action Center was complaining about (and having reason to believe that I might have been the source of the malware rather than her), I ran rkill a second time after rebooting the computer. This time it flagged Real Player as a malware process it stopped. So I ran a second full scan with Malwarebytes that came up clean. A third run of rkill showed something different.

So my main question now is whether the problem flagged by Action Center is attributable to the MyFunCards program and I'm just being paranoid over some false positives, or if I really should be worried about some sophisticated spyware still lurking on my computer.

Bill

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 PM

Posted 26 June 2012 - 08:58 PM

Most likely the other way around.
TrojanDownloader:Win32/Adload.DA is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer.

Sorry to interupt but
You need to run these now/
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Pizza and Pepsi

Pizza and Pepsi

  • Members
  • 277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:CA
  • Local time:04:35 PM

Posted 26 June 2012 - 11:14 PM

Thanks for the extra help again boopme. It is a great help for me since I am just starting out with helping minor infections.

Bill O, you should follow the next instructions that boopme posted.
Malware shall not pass!

#6 Bill 0

Bill 0
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 27 June 2012 - 05:12 AM

Here's the MTB log:

MiniToolBox by Farbar Version: 25-06-2012
Ran by root (administrator) on 27-06-2012 at 00:25:40
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Hutchens
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 50-63-13-97-32-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-B9-BA-2C-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : F0-7B-CB-7C-F7-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f57b:827f:197e:8191%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.18(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, June 27, 2012 12:23:03 AM
Lease Expires . . . . . . . . . . : Thursday, June 28, 2012 12:23:36 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 200309707
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-65-E2-73-00-26-B9-BA-2C-9A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-0C-F8
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c810:d4d4:f9b9:a35b%21(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 688390183
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-65-E2-73-00-26-B9-BA-2C-9A
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4883D83C-4366-4159-8E38-75245525F89D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2A22EB91-892A-45AA-BF6A-B7FD8654F7BB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FA2C19E3-0249-4AB0-8484-87DC69DCDFEE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {08D70774-9E52-4609-ABEF-459849F79D8F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:4008:802::1009
74.125.229.226
74.125.229.229
74.125.229.231
74.125.229.224
74.125.229.228
74.125.229.225
74.125.229.233
74.125.229.238
74.125.229.227
74.125.229.230
74.125.229.232


Pinging google.com [74.125.229.232] with 32 bytes of data:
Reply from 74.125.229.232: bytes=32 time=169ms TTL=54
Reply from 74.125.229.232: bytes=32 time=68ms TTL=54

Ping statistics for 74.125.229.232:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 68ms, Maximum = 169ms, Average = 118ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
209.191.122.70
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=273ms TTL=49
Reply from 98.139.183.24: bytes=32 time=62ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 273ms, Average = 167ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...50 63 13 97 32 9a ......Bluetooth Device (Personal Area Network)
11...00 26 b9 ba 2c 9a ......Realtek PCIe GBE Family Controller
10...f0 7b cb 7c f7 05 ......DW1501 Wireless-N WLAN Half-Mini Card
21...08 00 27 00 0c f8 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.18 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.18 281
192.168.1.18 255.255.255.255 On-link 192.168.1.18 281
192.168.1.255 255.255.255.255 On-link 192.168.1.18 281
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.1.18 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.1.18 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
21 276 fe80::/64 On-link
10 281 fe80::/64 On-link
21 276 fe80::c810:d4d4:f9b9:a35b/128
On-link
10 281 fe80::f57b:827f:197e:8191/128
On-link
1 306 ff00::/8 On-link
21 276 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\PGPlsp.dll [62520] (Symantec Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\PGPlsp.dll [62520] (Symantec Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\PGPlsp.dll [72344] (Symantec Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\PGPlsp.dll [72344] (Symantec Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/27/2012 00:25:26 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start

Error: (06/27/2012 00:20:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 00:20:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 00:08:22 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start

Error: (06/27/2012 00:05:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 00:04:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 00:04:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 08:06:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 02:32:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16240

Error: (06/26/2012 02:32:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16240


System errors:
=============
Error: (06/27/2012 00:24:55 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/27/2012 00:24:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/27/2012 00:23:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/27/2012 00:23:03 AM) (Source: Service Control Manager) (User: )
Description: The dleeCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (06/27/2012 00:23:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the dleeCATSCustConnectService service to connect.

Error: (06/27/2012 00:23:03 AM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%20

Error: (06/27/2012 00:22:59 AM) (Source: Service Control Manager) (User: )
Description: The DW WLAN Tray Service service failed to start due to the following error:
%%2

Error: (06/27/2012 00:21:24 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/27/2012 00:07:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/26/2012 11:50:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.


Microsoft Office Sessions:
=========================
Error: (05/29/2012 08:36:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 608602 seconds with 7320 seconds of active time. This session ended with a crash.

Error: (04/18/2012 06:07:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 334165 seconds with 3120 seconds of active time. This session ended with a crash.

Error: (03/13/2012 09:27:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 471425 seconds with 5160 seconds of active time. This session ended with a crash.

Error: (03/07/2012 07:08:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 169908 seconds with 900 seconds of active time. This session ended with a crash.

Error: (02/04/2012 11:11:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations (Version: 3.0.359)
ATI Catalyst Control Center (Version: 2.009.0813.2130)
Banctec Service Agreement (Version: 2.0.0)
Bing Maps 3D (Version: 4.0.903.16005)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Full Existing (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Full New (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Light (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Previews Common (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0813.2131.36817)
Catalyst Control Center InstallProxy (Version: 2009.0813.2131.36817)
Catalyst Control Center Localization All (Version: 2009.0813.2131.36817)
ccc-core-static (Version: 2009.0813.2131.36817)
ccc-utility64 (Version: 2009.0813.2131.36817)
CCC Help Chinese Standard (Version: 2009.0813.2130.36817)
CCC Help Chinese Traditional (Version: 2009.0813.2130.36817)
CCC Help Danish (Version: 2009.0813.2130.36817)
CCC Help Dutch (Version: 2009.0813.2130.36817)
CCC Help English (Version: 2009.0813.2130.36817)
CCC Help Finnish (Version: 2009.0813.2130.36817)
CCC Help French (Version: 2009.0813.2130.36817)
CCC Help German (Version: 2009.0813.2130.36817)
CCC Help Italian (Version: 2009.0813.2130.36817)
CCC Help Japanese (Version: 2009.0813.2130.36817)
CCC Help Korean (Version: 2009.0813.2130.36817)
CCC Help Norwegian (Version: 2009.0813.2130.36817)
CCC Help Portuguese (Version: 2009.0813.2130.36817)
CCC Help Russian (Version: 2009.0813.2130.36817)
CCC Help Spanish (Version: 2009.0813.2130.36817)
CCC Help Swedish (Version: 2009.0813.2130.36817)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
CyberLink YouPaint (Version: 1.2.0521)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0009)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Remote Access (Version: 1.3.0.0)
Dell Support Center (Version: 3.1.5907.39)
Dell Toolbar (Version: 1.8.12.0)
Dell Touch Zone (Version: 1.2.1.8)
Dell TouchCam (Version: 1.1.0515)
Dell V715w
Dell Webcam Central (Version: 1.40.05)
DW WLAN Card Utility (Version: 5.60.48.18)
ESET Online Scanner v3
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
IDXWebFrameworkControls (Version: 4.09.006)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java Web Start
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee SecurityCenter (Version: 11.0.678)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Communicator 2007 (Version: 2.0.6362.0)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
MKSAP MOC II (Version: )
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MP3 Rocket
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Oracle VM VirtualBox 3.2.6 (Version: 3.2.6)
Orca (Version: 3.1.3790.0000)
Palm webOS SDK (Version: 1.4.5.465)
PC Inspector File Recovery (Version: 4.0)
PGP Desktop (Version: 10.2.0.2317)
PowerDVD DX (Version: 8.3.7501)
Quicken 2010 (Version: 19.1.2.22)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Recuva (Version: 1.41)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Roxio Burn (Version: 1.01)
SimBioSys® Physiology Labs v3
Skins (Version: 2009.0813.2131.36817)
SUPER © Version 2010.bld.38 (May 2, 2010) (Version: Version 2010.bld.38 (May 2, 2010))
Synaptics Pointing Device Driver (Version: 14.0.13.0)
TouchWorksWebControls (Version: 11.0200.497)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.1 (Version: 2.0.1)
WIDCOMM Bluetooth Software (Version: 6.2.0.9603)
WildTangent Games (Version: 1.0.0.71)
Windows Driver Package - Palm (WinUSB) Palm Devices (11/30/2008 1.0.0) (Version: 11/30/2008 1.0.0)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
WordSmart Vocabulary
Yahoo! Detect

========================= Devices: ================================

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: McAfee Inc. cfwids
Description: McAfee Inc. cfwids
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cfwids

Name: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver
Description: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PCDSRVC{1E208CE0-FB7451FF-06020101}_0

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Standard Serial over Bluetooth link (COM9)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: N-Trig_DIGITIZER
Description: N-Trig_DIGITIZER
Class Guid: {40e97a09-035b-4418-8d9b-06fd8ff357c7}
Manufacturer: N-trig Innovative Technologies
Service: WinUSB

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Standard Serial over Bluetooth link (COM8)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: SSPORT
Description: SSPORT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SSPORT

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: Bluetooth AV Source
Description: Bluetooth AV Source
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: Power Control [2012/06/13 22:12:01]
Description: Power Control [2012/06/13 22:12:01]
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 5 Series/3400 Series Chipset Family Thermal Subsystem - 3B32
Description: Intel® 5 Series/3400 Series Chipset Family Thermal Subsystem - 3B32
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® processor System Control and Status Registers - D157
Description: Intel® processor System Control and Status Registers - D157
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® processor Integrated Memory Controller Channel 0 Thermal Control Registers - 2CA3
Description: Intel® processor Integrated Memory Controller Channel 0 Thermal Control Registers - 2CA3
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Bluetooth Headset AG
Description: Bluetooth Headset AG
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Disk Virtual Machine Bus Acceleration Filter Driver
Description: Disk Virtual Machine Bus Acceleration Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: storflt

Name: USB Virtualization Connector Driver
Description: USB Virtualization Connector Driver
Class Guid: {aed279d9-7dd0-49ab-8024-4f65418531fb}
Manufacturer: (Standard system devices)
Service: vpcusb

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167

Name: Intel® QPI Link - 2C90
Description: Intel® QPI Link - 2C90
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeapfk

Name: Bluetooth Imaging Responder
Description: Bluetooth Imaging Responder
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Description: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Virtual PC Host Bus Driver
Description: Virtual PC Host Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vpcbus

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Intel® processor Miscellaneous Registers - D158
Description: Intel® processor Miscellaneous Registers - D158
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: Intel® processor Integrated Memory Controller Channel 1 Control Registers - 2CA8
Description: Intel® processor Integrated Memory Controller Channel 1 Control Registers - 2CA8
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: PGPdisk
Description: PGPdisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PGPdisk

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC

Name: Bluetooth OPP
Description: Bluetooth OPP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: Standard Modem over Bluetooth link
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: McAfee Inc. mfeavfk
Description: McAfee Inc. mfeavfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk

Name: 1394 OHCI Compliant Host Controller
Description: 1394 OHCI Compliant Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: 1394 OHCI Compliant Host Controller
Service: 1394ohci

Name: Standard Serial over Bluetooth link (COM4)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® QPI Physical 0 - 2C91
Description: Intel® QPI Physical 0 - 2C91
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Bluetooth FTP
Description: Bluetooth FTP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: Bluetooth AV Source
Description: Bluetooth AV Source
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Citrix USB Monitor Driver
Description: Citrix USB Monitor Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ctxusbm

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Bluetooth Remote Control
Description: Bluetooth Remote Control
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: btwrchid

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: McAfee Inc.
Description: McAfee Inc.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeavfk01

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Bluetooth Headset AG
Description: Bluetooth Headset AG
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: PGPsdkDriver
Description: PGPsdkDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PGPsdkDriver

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Description: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: Intel® processor DMI - D132
Description: Intel® processor DMI - D132
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Intel® processor Integrated Memory Controller Channel 1 Address Registers - 2CA9
Description: Intel® processor Integrated Memory Controller Channel 1 Address Registers - 2CA9
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: VirtualBox Service
Description: VirtualBox Service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VBoxDrv

Name: Intel® processor Integrated Memory Controller - 2C98
Description: Intel® processor Integrated Memory Controller - 2C98
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: HL-DT-ST DVDRWBD CA10N ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: N-Trig MultiTouch HID Device
Description: N-Trig MultiTouch HID Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: N-Trig
Service: WUDFRd

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: McAfee Inc. mfefirek
Description: McAfee Inc. mfefirek
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfefirek

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: VirtualBox USB Monitor Driver
Description: VirtualBox USB Monitor Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VBoxUSBMon

Name: Standard Modem over Bluetooth link #2
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Bluetooth OPP
Description: Bluetooth OPP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: Standard Serial over Bluetooth link (COM10)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Bluetooth FTP
Description: Bluetooth FTP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® processor PCI Express Root Port 1 - D138
Description: Intel® processor PCI Express Root Port 1 - D138
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® processor Integrated Memory Controller Channel 1 Rank Registers - 2CAA
Description: Intel® processor Integrated Memory Controller Channel 1 Rank Registers - 2CAA
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: ATA Channel 4
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Bluetooth AV Remote Control Target
Description: Bluetooth AV Remote Control Target
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: Intel® processor Integrated Memory Controller Target Address Decoder - 2C99
Description: Intel® processor Integrated Memory Controller Target Address Decoder - 2C99
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Bluetooth Headset AG
Description: Bluetooth Headset AG
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: O2Micro Integrated MS/MSPRO/xD Controller
Description: O2Micro Integrated MS/MSPRO/xD Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: O2Micro
Service: O2MDGRDR

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Bluetooth Hands-free Audio
Description: Bluetooth Hands-free Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: btwaudio

Name: McAfee Inc. mfehidk
Description: McAfee Inc. mfehidk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfehidk

Name: Virtual Machine Bus
Description: Virtual Machine Bus
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vmbus

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: Dell Wireless 365 Bluetooth Module
Description: Dell Wireless 365 Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB

Name: ATA Channel 5
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ST9500420AS ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® processor Integrated Memory Controller Channel 1 Thermal Control Registers - 2CAB
Description: Intel® processor Integrated Memory Controller Channel 1 Thermal Control Registers - 2CAB
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Intel® QuickPath Interconnect - D150
Description: Intel® QuickPath Interconnect - D150
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Intel® processor Integrated Memory Controller Test Registers - 2C9C
Description: Intel® processor Integrated Memory Controller Test Registers - 2C9C
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: HidUsb

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Standard Serial over Bluetooth link (COM3)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: DW1501 Wireless-N WLAN Half-Mini Card
Description: DW1501 Wireless-N WLAN Half-Mini Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: Standard Modem over Bluetooth link #3
Description: Standard Modem over Bluetooth link
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Standard Cell Phones
Service: Modem

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: McAfee NDIS Light Filter
Description: McAfee NDIS Light Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfenlfk

Name: Bluetooth OPP
Description: Bluetooth OPP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Bluetooth FTP
Description: Bluetooth FTP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Sun Microsystems, Inc.
Service: VBoxNetAdp

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Bluetooth AV Remote Control Target
Description: Bluetooth AV Remote Control Target
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: HidUsb

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Virtual PC Network Filter Driver
Description: Virtual PC Network Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vpcnfltr

Name: McAfee Inc. mferkdet
Description: McAfee Inc. mferkdet
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mferkdet

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus

Name: Intel® PM55 Express Chipset LPC Interface Controller - 3B03
Description: Intel® PM55 Express Chipset LPC Interface Controller - 3B03
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: ATI High Definition Audio Device
Description: ATI High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: AtiHdmiService

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: ST9500420AS ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Bluetooth Headset AG
Description: Bluetooth Headset AG
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Intel® QuickPath Interconnect - D151
Description: Intel® QuickPath Interconnect - D151
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Intel® processor Integrated Memory Controller Channel 0 Control Registers - 2CA0
Description: Intel® processor Integrated Memory Controller Channel 0 Control Registers - 2CA0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: ST Micro Accelerometer
Description: ST Micro Accelerometer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ST Microelectronics
Service: Acceler

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: McAfee Inc. mfewfpk
Description: McAfee Inc. mfewfpk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfewfpk

Name: BCM42RLY
Description: BCM42RLY
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BCM42RLY

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Standard Serial over Bluetooth link (COM7)
Description: Standard Serial over Bluetooth link
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BTHMODEM

Name: Microsoft Virtual WiFi Miniport Adapter - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Sun Microsystems, Inc.
Service: VBoxNetFlt

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Intel® 5 Series/3400 Series Chipset Family 6 Port SATA AHCI Controller - 3B2F
Description: Intel® 5 Series/3400 Series Chipset Family 6 Port SATA AHCI Controller - 3B2F
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msahci

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 4 - 3B48
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 4 - 3B48
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Core™ i7 CPU Q 820 @ 1.73GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® processor System Management Registers - D155
Description: Intel® processor System Management Registers - D155
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Bluetooth OPP
Description: Bluetooth OPP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: Intel® processor Integrated Memory Controller Channel 0 Address Registers - 2CA1
Description: Intel® processor Integrated Memory Controller Channel 0 Address Registers - 2CA1
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Bluetooth FTP
Description: Bluetooth FTP
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: ATI Mobility Radeon HD 4650
Description: ATI Mobility Radeon HD 4650
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: atikmdag

Name: N-Trig HID Interface
Description: N-Trig HID Interface
Class Guid: {40e97a09-035b-4418-8d9b-06fd8ff357c7}
Manufacturer: N-trig Innovative Technologies
Service: HidUsb

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: IDT
Service: STHDA

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Bluetooth AV Source
Description: Bluetooth AV Source
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft Bluetooth Enumerator
Description: Microsoft Bluetooth Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Realtek PCIe GBE Family Controller - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Sun Microsystems, Inc.
Service: VBoxNetFlt

Name: Intel® QuickPath Architecture Generic Non-Core Registers - 2C52
Description: Intel® QuickPath Architecture Generic Non-Core Registers - 2C52
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Bluetooth AV Remote Control Target
Description: Bluetooth AV Remote Control Target
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service:

Name: Auto Internet Protocol
Description: Auto Internet Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Packet

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Bluetooth Headset AG
Description: Bluetooth Headset AG
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwavdt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan

Name: DW1501 Wireless-N WLAN Half-Mini Card - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Sun Microsystems, Inc.
Service: VBoxNetFlt

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: PCDRNDISUIO Usermode I/O Protocol
Description: PCDRNDISUIO Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PcdrNdisuio

Name: N-Trig HID Interface
Description: N-Trig HID Interface
Class Guid: {40e97a09-035b-4418-8d9b-06fd8ff357c7}
Manufacturer: N-trig Innovative Technologies
Service: HidUsb

Name: Intel® 5 Series/3400 Series Chipset Family SMBus Controller - 3B30
Description: Intel® 5 Series/3400 Series Chipset Family SMBus Controller - 3B30
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 5 - 3B4A
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 5 - 3B4A
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® processor Semaphore and Scratchpad Registers - D156
Description: Intel® processor Semaphore and Scratchpad Registers - D156
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Intel® processor Integrated Memory Controller Channel 0 Rank Registers - 2CA2
Description: Intel® processor Integrated Memory Controller Channel 0 Rank Registers - 2CA2
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Integrated Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Intel® QuickPath Architecture System Address Decoder - 2C81
Description: Intel® QuickPath Architecture System Address Decoder - 2C81
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:


========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 8180.51 MB
Available physical RAM: 5764.82 MB
Total Pagefile: 16359.21 MB
Available Pagefile: 13331.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.43 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:327.21 GB) NTFS
2 Drive d: (DATAPART1) (Fixed) (Total:465.76 GB) (Free:416.22 GB) NTFS

========================= Users: ========================================

User accounts for \\HUTCHENS

Administrator Bill Farnoosh
Guest root


**** End of log ****

The ESET online scanner came up clean.

Bill

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 PM

Posted 27 June 2012 - 10:38 AM

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go HERE click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.





Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u5-windows-i586.exe (or jre-7u5-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Bill 0

Bill 0
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 27 June 2012 - 05:04 PM

I looked at my hosts file; the entire file is commented out, and the file appears identical to the sample listed in the Microsoft KB article you linked to (for Windows 7).

BTW, just on Friday I started getting the notification that there was a Java update available; I held off of applying it because I didn't want to make any major system changes until the malware issue was settled. As an aside, I've had problems with Java updating in general -- from my usual user account the Java update always fails. I eventually figured out that I have to log out of my user account, log into my admin account and manually run jucheck (or wait an indeterminate amount of time for the update to make itself available there). I'll run the Java update now.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 PM

Posted 27 June 2012 - 05:54 PM

Hello. it appears there are a couple things wrong here then,, Let's get a deeper look.
P&P ,this is something we dont work in AII,so we move it.



We need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Bill 0

Bill 0
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 27 June 2012 - 06:22 PM

OK

Java 6 is gone. Java7U5 is now installed.

It's too early to tell if replacing Java made a difference, but there were 2 odd occurrences that occurred just before replacing Java:

1) On logging into my admin account, I got a firewall notice about the Real Player updater wanting outgoing access. I did allow it, but no update started happening. I'm thinking that this may be malware trying to trick its way through the firewall. (BTW I've had the firewall set to be very restrictive since the malware thing started, but most of the requests have been obviously good -- like Java SE wanting internet access right after starting the update process; this doesn't seem related to any legitimate Real Player activity). I'm thinking of uninstalling Real Player altogether and reinstalling a fresh version from scratch once we get this entire matter settled. Also, real player was once flagged by Rkil as a malware process earlier.

2) I reran Rkill after this and it did identify a process as below:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 06/27/2012 at 18:06:48.
Operating System: Windows 7 Ultimate


Processes terminated by Rkill or while it was running:

C:\Windows\SysWOW64\grpconv.exe


Rkill completed on 06/27/2012 at 18:07:01.

This is another of the processes I'm seeing repeatedly. Malware or false positive?

Bill

#11 Pizza and Pepsi

Pizza and Pepsi

  • Members
  • 277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:CA
  • Local time:04:35 PM

Posted 27 June 2012 - 07:24 PM

So boopme, do we find out the infection is for Virus, Trojan, Spyware, and Malware Removal Logs when we discover a backdoor trojan or complications from the malware that cause BSOD and force the user in safe mode?
Malware shall not pass!

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 PM

Posted 27 June 2012 - 07:26 PM

Across all ThreatExpert reports, the file "grpconv.exe" was mostly identified as a threat.
Sometimes the malware gets into a file of say realplayer and thus RKILL grabs it and holds it for removal. RKILL does not remove malware. It stops it and will hold it until reboot.

Rerun RKILL and then Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.


EDIT: in your Control Panel you should now see Java 7 update 3


@ Pizza and Pepsi I am and was concerned where the malware perhaps was interfering with updates and Java install. If we cannot clwean it safely than we move to VTMRL to be safe as we dont want to brk the unit over a hidden malware.

Edited by boopme, 27 June 2012 - 08:58 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Bill 0

Bill 0
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 27 June 2012 - 11:17 PM

I think I'm having a delay in getting the posts here. I hadn't seen your request to run DDS and GMER when I posted my experience of updating Java. I did run DDS and GMER and was about to start a new post where you redirected me when I got this reply.

Re-ran Rkill. This time it killed:
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe

Updated MBAM and reran it as instructed -- came up clean:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.28.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
root :: HUTCHENS [administrator]

6/27/2012 11:47:05 PM
mbam-log-2012-06-27 (23-47-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 313566
Time elapsed: 8 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Did I understand correctly that you want the computer rebooted normally after the scan (i.e. you were specifying to reboot not into safe mode)?
Do you still want the logs from DDS and GMER posted to the new forum or should those scans be rerun before starting the new topic?

BTW, GMER runs on my x64 system but most of the options (everything above "services" as well as "show all") were greyed out.

Bill

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 PM

Posted 27 June 2012 - 11:49 PM

click the Watch Topic button at the top right and select Immediate Notification

Yes do the DDS thing now, If Gmer runs use i.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 Bill 0

Bill 0
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:35 PM

Posted 28 June 2012 - 07:02 PM

This morning I got up and saw your 12:49 post. I was about to rerun DDS and GMER when I got a notification from McAfee that it had updated itself and was requesting a reboot.

I did the reboot and immediately after logging back in, I ran rkill that reported no processes killed.

On the chance that the freshly updated McAfee Security Scanner might pick something up I set it to do a full scan -- came up clean.

I couldn't remember if DDS and GMER needed the on access scanner turned off while being run, so just in case I logged into my admin account to turn it off while running those scans. Immediately after logging in to root the firewall notified me that the realplayer updater was again trying to make an outbound connection -- blocked it.

On a hunch, I reran rkill and it reported:
Processes terminated by Rkill or while it was running:

C:\Users\root\AppData\Local\Temp\nsq68FC.tmp\PEV.DAT
C:\Users\root\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe

Turned off the on access scanner, went back to my usermode account and ran DDS and GMER -- will post those logs to VTSMRL very shortly.

Thinking that there might be something triggered by the root account login I went back to root, logged out, logged back in and reran GMER without running rkill -- it actually reported less hits that the original run. I reran rkill again and this time it reported:
Processes terminated by Rkill or while it was running:

c:\PROGRA~2\mcafee\SITEAD~1\saui.exe

Completely logged out of root and re-ran rkill from my usermode account -- found nothing.

Also, a few more things that occurred to me since last PM that may or may not be relevant.

-I was thinking about your comments regarding Java. The Java updates have been acting that way about as long as I've had the computer. I always assumed that it was something that had to do with the updater not working properly in a non-admin account. But now in retrospect I agree that it's suspiciousm

-Along the same lines, the computer came with Dell Data Safe Local Backup. This always crashes on login (both my usual account and the admin account . . . but I don't think it happens on my wife's account). Again, this has been happening about as long as I can remember with this machine. I always chalked this up to it being poorly written software. Since I've been using the native windows backup program, this wasn't a major inconvenience for me and I've been tolerating it all this time.

-A third piece of odd behavior is that the eject button for the optical drive stopped responding. This happened about 1 1/2 years ago after my wife got an iPod. We were ripping our CDs into iTunes and suddenly we couldn't eject the CD by using the media key on the keyboard. If you touch it the key glows so it's clearly doing something, but nothing happens to the CD. We were able to work around this by going to "Computer" right clicking on the CD drive and selecting "Eject." Not sure why malware would do this, but it's one more datum I'll throw out for you to consider . . . although I do seem to remember that "Bonjour service" was crashing alot around that time and all of a sudden it started working properly again.

OK, now I'm off to get those logs posted to VTSMRL.

Bill




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users