Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I need help undoing a superb cleaning job by AdwCleaner


  • This topic is locked This topic is locked
54 replies to this topic

#1 gfr92y

gfr92y

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 27 September 2015 - 03:58 PM

Mod Edit moved to Antivirus and malware tool from Win 7~~ boopme


I am an idiot! 
 
When I was much younger, I had an excuse for not heeding my mother’s sage advice to not touch the top of the stove. 
You would think after 55 years of hearing people warn me not to "touch the top of the stove," I would have learned to heed slight variations of my mother’s sage advice; such as, "Don’t just start deleting things until you know what you are deleting."
 
What is that? You gave me the [Ctrl] [A] sequence and a [Delete] button and did not think I would burn myself?  
 
Ha! Ha! Wrong, again. Yes indeed, I did burn myself.
 
On a more serious note…
 
I used AdwCleaner to clean my PC of all its dirty bath water.
 
Ha! Wrong, again. No, I did not realize the twins were gone until:
  • I could not access the internet despite being connected,
  • I could not run a number of programs including, but not limited to, Kaspersky Internet Security, ZoneAlarm, DropBox, Internet Explorer, and MalwareBytes, 
  • I could not start more than a half dozen stopped services that were previously set to automatic at startup, and
  • I could not uninstall a number of programs including a non-dead walker/biter that growled, “WSAStartup() failed, or you have the incorrect version of WinSock installed."
Before blabbering more, I am sure it is important for you to know that I used AdwCleaner a couple of times to make sure my house was Spic-n-Span… Clean enough to eat off the floor!
 
Luckily I did not delete the logs allowing me to concatenate them into a single file, which is attached below.
 
If anyone could help me work some of Stephen King’s Pet Cemetery magic on my PC, I will be overwhelmed with joy… Well, at least until it decides to satisfy its after-death hunger by eating me and my burnt hand.
 
Thanks!
 
Joe
 
 
Attached File  AdwCleaner Reports.txt   28.95KB   12 downloads

Edited by boopme, 27 September 2015 - 05:35 PM.
Moved from Win 7 to AV/AM Software - Hamluis.


BC AdBot (Login to Remove)

 


#2 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 27 September 2015 - 06:34 PM

Hi Joe,

Your not an idiot and welcome to BC! :)
 
<<<<<<<<<<

We can restore the previous deleted entries but I am not certain that is the cause of the problem.

Might be related to this.
 
 

:: Proxy settings cleared
:: Winsock settings cleared
:: TCP/IP settings cleared
:: Firewall settings cleared
:: IPSec settings cleared
:: BITS queue cleared
:: IE policies deleted
:: Chrome policies deleted

 


Have you rebooted since the last ADW run?

In addition to the clean up it does this..
 
 

2015-09-27 03:44:28 : [Notice] Killing all processes

So a reboot could possibly be an easy fix if we are really lucky!
 
<<<<<<<<<<

Let's do this 1st.

Open ADW

  • In the upper right choose Tools
  • Then choose Quarantine Manager
  • Select All
  • Press Restoration

Reboot

How is running now?
 
<<<<<<<<<<
 
Next this please.....
 
Please download Farbar Service Scanner, save it to your desktop then run it.

  • Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services

  • Press Scan
  • It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log in your reply.

<<<<<<<<<

Then this please...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

<<<<<<<<<<

Regards,
thcbytes


Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#3 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:11:16 AM

Posted 28 September 2015 - 11:16 AM

You might also want to download [on other computer] tweaking.com's windows repair (all i one), get both regular and portable. Place portable version onto external media -- run it with defaults checked, add checkmarks to items 26 & 27.


Edited by RolandJS, 28 September 2015 - 11:16 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#4 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 01 October 2015 - 08:12 PM

Roland, 

 

I am back in the saddle, again!

 

Your suggestion sounds much more expeditious. 

 

Should I try this first?

 

Thanks!

 

Joe



#5 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:11:16 AM

Posted 01 October 2015 - 08:20 PM

Well, windows repair (all in one) is not a miracle cure; depending upon what is wrong within the computer, WR(AiO) sometimes just isn't the Great Answer.  Whether you try WR first or last, follow the advice of the regular BC techs, you won't be steered wrong!


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:16 PM

Posted 01 October 2015 - 08:32 PM

I suggest you follow the instructions provided by thcbytes before doing anything else.

thcbytes is one of our most trusted MRT experts and as an Instructor, trains others in becoming experts at malware removal.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 01 October 2015 - 09:31 PM

RolandJS,

 

Quietman7 is quite convincing and I am going to follow his advice to follow thcbytes' process.

 

Please do not be offended by my decision or think I do not appreciate your advice.

 

Thanks, again, for sharing your suggestion with me.

 

Respectfully,

 

Joe



#8 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:11:16 AM

Posted 02 October 2015 - 11:13 AM

Hey, once the rtegulars come in, I bow out!  Whatever the regulars indicate, do it, and you can't go wrong.


Edited by RolandJS, 02 October 2015 - 11:14 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#9 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 04 October 2015 - 05:40 AM

thcbytes,

 

I had my complete response in a text, but cannot find it.

 

I will recreate today and post it later.

 

Joe



#10 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 04 October 2015 - 08:13 AM

thcbytes,

I am so sorry that it took so long for me to get back to you. I promise I will be much more responsive from this point on. As you will see below, I answered each question, took each step, and provided each report.

 

I so very much appreciate your assistance! I do not know what I would do without your help.

 

Sincerely,

 

Joe


Before moving forward, I thought it might be helpful for me to explain what I actually did prior to coming to BleepingComputer. So, here is a brief summary of the steps leading up to my original post...

The problem began when Kaspersky Internet Security 2016 stopped updating itself. Each time it attempted to update, a pop-up window appeared with "Error 2688679941: Database cannot be updated. Source does not contain file for updating."

Kaspersky Support suggested the following steps, which I followed without incident; although, the problem persisted:

  • Use the Kapersky Removal Tool to remove KIS and then reinstall it.
  • Run the Kaspersky Virus Removal Tool.
  • Run TDSSKiller to remove rootkits.
  • Run the Kaspersky Rescue Disk.
  • Reboot.

Next, I went to the Kaspersky User Forums and got great advice that I did not follow. After reading through a very lengthy procedure, I decided to run MalwareBytes twice, then AdwCleaner - Scan Only, then AdwCleaner - Clean, followed by a reboot, AdwCleaner - Scan Only, another AdwCleaner - Clean (with perhaps with too many items checked), and finally an AdwCleaner - Scan Only. (Please let me know if you want another of the other reports.)

Realizing things got worse, I ran a Restore that failed to complete itself. Then I ran scannow in clean mode. When this did not help, I went to bleepingcomputer.



Hi Joe,

Your not an idiot and welcome to BC! :)
 
<<<<<<<<<<

We can restore the previous deleted entries but I am not certain that is the cause of the problem.

Might be related to this. 

:: Proxy settings cleared
:: Winsock settings cleared
:: TCP/IP settings cleared
:: Firewall settings cleared
:: IPSec settings cleared
:: BITS queue cleared
:: IE policies deleted
:: Chrome policies deleted
Have you rebooted since the last ADW run?

In addition to the clean up it does this... 
2015-09-27 03:44:28 : [Notice] Killing all processes
So a reboot could possibly be an easy fix if we are really lucky!

 


Yes, I have rebooted and cold rebooted it a number of times. I did the reboots while trying to re-establish a network connection with my laptop so I could transfer files from the "sick" computer to a DropBox folder on my laptop. I was able to re-establish it once, but lost it for reasons unknown and have not been able to re-establish it a second time. The cold reboots were done per Microsoft's instructions after two updates.



<<<<<<<<<<

Let's do this 1st.

Open ADW

  • In the upper right choose Tools
  • Then choose Quarantine Manager
  • Select All
  • Press Restoration
Reboot

How is running now?

 


I actually ran the Restoration process after scannow and before contacting bleepingcomputer.
 
Here are the results: (Again, please let me know if you want another of the other reports.)
 
QuarantineRestore_27092015132853.txt
# AdwCleaner - Quarantine restoration
# 27/09/2015 - 13:28:53
File Restored : C:\ProgramData\productdata\asc8Stat.ini
File Restored : C:\ProgramData\productdata\db2Stat.ini
File Restored : C:\ProgramData\productdata\pctStat.ini
File Restored : C:\ProgramData\productdata\StatCache.db
File Restored : C:\ProgramData\productdata\un4Stat.ini
File Restored : C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}\OFFLINE\E8AF95C2\373872A7\ClickOnceUninstaller_IObitDel.exe
File Restored : C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}\OFFLINE\E5D03152\373872A7\ClickOnceSetup_IObitDel.exe
File Restored : C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}\OFFLINE\8E070D3B\373872A7\npBestBuyPcAppDetector_IObitDel.dll
File Restored : C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}\OFFLINE\4C9F5FE\373872A7\Best Buy pc app Launcher_IObitDel.exe
File Restored : C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}\OFFLINE\224E16D\373872A7\BestBuyPcAppDetector_IObitDel.ocx
File Restored : C:\Users\Dad\AppData\Roaming\productdata\update.spt
File Restored : C:\Users\LENOVO\AppData\Roaming\productdata\update.spt
File Restored : C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\aywlkc78.default\user.js
##### EOF #####

I did not notice any change in the computer after running the Restoration. I suppose this is the result of having run AdwCleaner - Reboot - AdwCleaner a second time.
 



<<<<<<<<<<

Next this please.....
 
Please download Farbar Service Scanner, save it to your desktop then run it.

  • Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services

  • Press Scan
  • It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log in your reply.

 

 
Farbar Service Scanner Version: 26-07-2015
Ran by Dad (administrator) on 02-10-2015 at 00:20:45
Running from "C:\Users\Dad\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0

System Restore:
============

System Restore Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****


 

<<<<<<<<<

Then this please...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

<<<<<<<<<<

Regards,
thcbytes

 

 
 

I could not find a file named Result.txt, but I did find a file named MTB.txt that appeared on the desktop just as the program finished running.

NOTE: I noticed the Model and Manufacturer are missing below. The Manufacturer is Gateway and the Model is DX4831.

MiniToolBox by Farbar Version: 25-07-2015 01
Ran by Dad (administrator) on 02-10-2015 at 10:56:46
Running from "C:\Users\Dad\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: Manufacturer:
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

========================= IP Configuration: ================================

Intel® 82578DC Gigabit Network Connection = Local Area Connection (Connected)
Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Gateway
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® 82578DC Gigabit Network Connection
Physical Address. . . . . . . . . : 90-FB-A6-2F-DB-A0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d1d2:3bbd:61b5:e667%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Lease Obtained. . . . . . . . . . : Friday, October 02, 2015 10:17:33 AM
Lease Expires . . . . . . . . . . : Saturday, October 03, 2015 10:17:33 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 194050982
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-72-D7-2A-90-FB-A6-2F-DB-A0
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: NULL

Unable to initialize Windows Sockets interface. Destination address unreachable.
Server: UnKnown
Address: NULL

Unable to initialize Windows Sockets interface. Destination address unreachable.
Unable to initialize Windows Sockets interface. Destination address unreachable.
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 [] ()
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/02/2015 10:11:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0xd5c
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 10:11:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0x700
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 10:11:28 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0x45c
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 10:04:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0xb48
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 10:04:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0xaf0
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 10:04:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0x448
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 09:45:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0xc0c
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (10/02/2015 09:45:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Faulting module name: TeamViewer_Service.exe, version: 9.0.38846.0, time stamp: 0x54d8ed5b
Exception code: 0x40000015
Fault offset: 0x00309487
Faulting process id: 0xb84
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

System errors:
=============
Error: (10/02/2015 10:54:00 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:48:50 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:43:40 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:38:30 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:38:30 AM) (Source: BROWSER) (User: )
Description: The browser was unable to promote itself to master browser. The computer that currently
believes it is the master browser is LENOVO.

Error: (10/02/2015 10:33:20 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:28:09 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:22:59 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:17:49 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Error: (10/02/2015 10:16:15 AM) (Source: NetBT) (User: )
Description: The name "SJNAK :1d" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.

Microsoft Office Sessions:
=========================
Error: (09/08/2015 01:46:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2771 seconds with 180 seconds of active time. This session ended with a crash.

Error: (05/19/2015 10:59:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/01/2015 02:35:21 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11746 seconds with 4800 seconds of active time. This session ended with a crash.

Error: (02/28/2015 12:46:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2015-08-02 00:25:21.472
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:21.463
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:21.452
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:21.441
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:20.668
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:20.661
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:20.654
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:20.646
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:20.574
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-08-02 00:25:20.567
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{284F4C1C-380D-4F10-88C8-1F9E386EFE98}) (Version: 17.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit)
Best Buy pc app (HKCU\...\e55b814e55744b76) (Version: 3.5.752.2 - Best Buy)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.2.2.1 - Best Buy) Hidden
Brother MFL-Pro Suite MFC-5460CN (HKLM-x32\...\{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.165 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Gateway Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.2 - Roxio)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3008 - Gateway Incorporated)
Wolfram Extras 10.0 (5157423) (HKLM\...\A-WIN-Extras 10.0.1 5157423_is1) (Version: 10.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 10 (M-WIN-L 10.0.1 5157734) (HKLM\...\M-WIN-L 10.0.1 5157734_is1) (Version: 10.0.1 - Wolfram Research, Inc.)
ZoneAlarm Firewall (HKLM-x32\...\{6E211806-E08D-4262-925D-22D64B47A875}) (Version: 14.0.508.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 14.0.508.000 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{03A3594F-F081-46BB-A366-C654EC5508C2}) (Version: 14.0.508.000 - Check Point Software Technologies Ltd.) Hidden

========================= Devices: ================================

Name: ALSysIO
Description: ALSysIO
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ALSysIO
Device ID: ROOT\LEGACY_ALSYSIO\0000

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0020\5&269BE6A4&0&1

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP
Device ID: ROOT\LEGACY_RDPREFMP\0000

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_04F9&PID_01B7\BROM7F538079

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT6

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER_FACET&REV_1.26#4C532000000506114043&0#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: msahci
Description: msahci
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msahci
Device ID: ROOT\LEGACY_MSAHCI\0000

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi
Device ID: ROOT\LEGACY_ATAPI\0000

Name: Intel® processor DRAM Controller - 0040
Description: Intel® processor DRAM Controller - 0040
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Device ID: PCI\VEN_8086&DEV_0040&SUBSYS_03891025&REV_12\3&11583659&0&00

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\VID_0BDA&PID_0182&MI_01\8&1B2059E6&0&0000

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Description: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_3B3C&SUBSYS_03891025&REV_06\3&11583659&0&D0

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_3B56&SUBSYS_03891025&REV_06\3&11583659&0&D8

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr
Device ID: ROOT\LEGACY_RSPNDR\0000

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf
Device ID: ROOT\LEGACY_WUDFPF\0000

Name: Brother MFC-5460CN USB Printer
Description: Brother MFC-5460CN USB Printer
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Brother
Service:
Device ID: USBPRINT\BROTHERMFC-5460CN\8&24084E95&0&USB002

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Device ID: ACPI\INT0800\4&E605FC2&0

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep
Device ID: ROOT\LEGACY_BEEP\0000

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint
Device ID: USB\VID_04F9&PID_01B7&MI_00\7&2C8D4AED&1&0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_BROTHER&PROD_MFC-5460CN&REV_1.00#8&BE2A0AA&0&BROM7F538079&0#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv
Device ID: ROOT\LEGACY_SECDRV\0000

Name: J:\
Description: MicroSD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MICROSD&REV_1.00#8&35CCDA1&0&20060413092100000&4#

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000

Name: Generic- xD-Picture USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_GENERIC-&PROD_XD-PICTURE&REV_1.00\8&35CCDA1&0&20060413092100000&1

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT7

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv
Device ID: ROOT\LEGACY_MSISADRV\0000

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0000\4&E605FC2&0

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: ROOT\MS_AGILEVPNMINIPORT\0000

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1

Name: Intel® HD Graphics
Description: Intel® HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0042&SUBSYS_03891025&REV_12\3&11583659&0&10

Name: HL-DT-ST DVDRAM GH41N
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: IDE\CDROMHL-DT-ST_DVDRAM_GH41N___________________MN01____\4&36E7C153&0&0.1.0

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B42&SUBSYS_03891025&REV_06\3&11583659&0&E0

Name: Intel® Management Engine Interface
Description: Intel® Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: HECIx64
Device ID: PCI\VEN_8086&DEV_3B64&SUBSYS_03891025&REV_06\3&11583659&0&B0

Name: Brother MFC-5460CN USB
Description: Brother MFC-5460CN USB
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Brother
Service: usbscan
Device ID: USB\VID_04F9&PID_01B7&MI_01\7&2C8D4AED&1&0001

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0100\4&E605FC2&0

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: ROOT\MS_L2TPMINIPORT\0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#8&35CCDA1&0&20060413092100000&2#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT8

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&1

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Device ID: ROOT\LEGACY_SPLDR\0000

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS
Device ID: ROOT\LEGACY_NDIS\0000

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS
Device ID: ROOT\LEGACY_CLFS\0000

Name: PnP-Monitor (Standard)
Description: PnP-Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: TeamViewer GmbH
Service: MonitorFunction
Device ID: DISPLAY\DELA00C\4&1EC154E7&0&UID16843008

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0103\4&E605FC2&0

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT10

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_04F2&PID_0833&MI_00\7&379DB8EB&0&0000

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANBH\0000

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy
Device ID: ROOT\LEGACY_NDPROXY\0000

Name: Kaspersky Lab Crypto Module (FDE PDK)
Description: Kaspersky Lab Crypto Module (FDE PDK)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cm_km_w
Device ID: ROOT\LEGACY_CM_KM_W\0000

Name: Brother MFC-5460CN USB Remote Setup Port (COM3)
Description: Brother MFC-5460CN USB Remote Setup Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Brother
Service: BrSerIf
Device ID: USB\VID_04F9&PID_01B7&MI_02\7&2C8D4AED&1&0002

Name: Intel® Core™ i3 CPU 530 @ 2.93GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_37_-_INTEL®_CORE™_I3_CPU_________530__@_2.93GHZ\_1

Name: Intel® 82578DC Gigabit Network Connection
Description: Intel® 82578DC Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1kexpress
Device ID: PCI\VEN_8086&DEV_10F0&SUBSYS_80001025&REV_06\3&11583659&0&C8

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4F846832-B564-11E4-9580-806E6F6E6963}#0000000000100000

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B44&SUBSYS_03891025&REV_06\3&11583659&0&E1

Name: Brother MFC-5460CN USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_BROTHER&PROD_MFC-5460CN&REV_1.00\8&BE2A0AA&0&BROM7F538079&0

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0200\4&E605FC2&0

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT9

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIP\0000

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG
Device ID: ROOT\LEGACY_CNG\0000

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT11

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\PNP0303\4&E605FC2&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: I:\
Description: MS/MS-Pro/HG
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO#HG&REV_1.00#8&35CCDA1&0&20060413092100000&3#

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#8&35CCDA1&0&20060413092100000&0#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIPV6\0000

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Device ID: USB\VID_04F9&PID_01B7&MI_03\7&2C8D4AED&1&0003

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT
Device ID: ROOT\LEGACY_NETBT\0000

Name: K:\
Description: Cruzer Facet
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SanDisk
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER_FACET&REV_1.26#4C532000000506114043&0#

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\VID_04F2&PID_0833&MI_01&COL01\8&30D3FE82&0&0000

Name: Intel® 82801 PCI Bridge - 244E
Description: Intel® 82801 PCI Bridge - 244E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_03891025&REV_A6\3&11583659&0&F0

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0800\4&E605FC2&0

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B46&SUBSYS_03891025&REV_06\3&11583659&0&E2

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip
Device ID: ROOT\LEGACY_TCPIP\0000

Name: SanDisk Cruzer Facet USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_FACET&REV_1.26\4C532000000506114043&0

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: ROOT\MS_PPPOEMINIPORT\0000

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache
Device ID: ROOT\LEGACY_DISCACHE\0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4F846832-B564-11E4-9580-806E6F6E6963}#0000000340100000

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD
Device ID: ROOT\LEGACY_KSECDD\0000

Name: Microsoft Network Inspection System
Description: Microsoft Network Inspection System
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NisDrv
Device ID: ROOT\LEGACY_NISDRV\0000

Name: Generic- Compact Flash USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00\8&35CCDA1&0&20060413092100000&0

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT12

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg
Device ID: ROOT\LEGACY_TCPIPREG\0000

Name: WDC WD10EADS-22M2B0
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: IDE\DISKWDC_WD10EADS-22M2B0_____________________01.00A01\4&36E7C153&0&0.0.0

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: ROOT\MS_PPTPMINIPORT\0000

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl
Device ID: ROOT\LEGACY_DXGKRNL\0000

Name: Intel® Core™ i3 CPU 530 @ 2.93GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_37_-_INTEL®_CORE™_I3_CPU_________530__@_2.93GHZ\_2

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg
Device ID: ROOT\LEGACY_KSECPKG\0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_GENERIC-&PROD_XD-PICTURE&REV_1.00#8&35CCDA1&0&20060413092100000&1#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0B00\4&E605FC2&0

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: UMB\UMB\1&841921D&0&PRINTERBUSENUMERATOR

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx
Device ID: ROOT\LEGACY_TDX\0000

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: ROOT\MS_SSTPMINIPORT\0000

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy
Device ID: ROOT\LEGACY_NSIPROXY\0000

Name: Intel® H57 Express Chipset LPC Interface Controller - 3B08
Description: Intel® H57 Express Chipset LPC Interface Controller - 3B08
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_3B08&SUBSYS_03891025&REV_06\3&11583659&0&F8

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio
Device ID: ROOT\LEGACY_LLTDIO\0000

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 4 - 3B48
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 4 - 3B48
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B48&SUBSYS_03891025&REV_06\3&11583659&0&E3

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Device ID: USB\VID_0781&PID_5576\4C532000000506114043

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT13

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C01\1

Name: E:\
Description: MFC-5460CN
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Brother
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_BROTHER&PROD_MFC-5460CN&REV_1.00#8&BE2A0AA&0&BROM7F538079&0#

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{4F846832-B564-11E4-9580-806E6F6E6963}#0000000346500000

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Device ID: ROOT\RDP_KBD\0000

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C01\A

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: UMB\UMB\1&841921D&0&WPDBUSENUMROOT

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave
Device ID: ROOT\LEGACY_VGASAVE\0000

Name: Generic- MicroSD USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_GENERIC-&PROD_MICROSD&REV_1.00\8&35CCDA1&0&20060413092100000&4

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\0

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Device ID: ROOT\RDP_MOU\0000

Name: H:\
Description: SD/MMC
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#8&35CCDA1&0&20060413092100000&2#

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null
Device ID: ROOT\LEGACY_NULL\0000

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_0BDA&PID_0182\20060413092100000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MICROSD&REV_1.00#8&35CCDA1&0&20060413092100000&4#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: Intel® PCH SATA AHCI Controller
Description: Intel® PCH SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: iaStor
Device ID: PCI\VEN_8086&DEV_3B22&SUBSYS_03891025&REV_06\3&11583659&0&FA

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\10

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 5 - 3B4A
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 5 - 3B4A
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B4A&SUBSYS_03891025&REV_06\3&11583659&0&E4

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&1DADEC05&0

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx
Device ID: ROOT\LEGACY_VOLMGRX\0000

Name: Intel® Core™ i3 CPU 530 @ 2.93GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_37_-_INTEL®_CORE™_I3_CPU_________530__@_2.93GHZ\_3

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw
Device ID: ROOT\LEGACY_PCW\0000

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_04F2&PID_0833\6&248BC58&0&5

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\11

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr
Device ID: ROOT\LEGACY_MOUNTMGR\0000

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0000

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Device ID: USB\VID_0BDA&PID_0182&MI_00\7&371256A8&0&0000

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_10250389&REV_1002\4&18280AE0&0&0201

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&52F9DD0&0

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap
Device ID: ROOT\LEGACY_VOLSNAP\0000

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH
Device ID: ROOT\LEGACY_PEAUTH\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\2E

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_04F2&PID_0833&MI_01\7&379DB8EB&0&0001

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Device ID: HID\VID_046D&PID_C03D\7&2CB79B4D&0&0000

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol
Device ID: ROOT\LEGACY_FVEVOL\0000

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\3

Name: VIA 1394 OHCI Compliant Host Controller
Description: VIA 1394 OHCI Compliant Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: VIA
Service: 1394ohci
Device ID: PCI\VEN_1106&DEV_3044&SUBSYS_80101025&REV_C0\4&22C27510&0&30F0

Name: Generic- MS/MS-Pro/HG USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_GENERIC-&PROD_MS/MS-PRO/HG&REV_1.00\8&35CCDA1&0&20060413092100000&3

Name: Zone Alarm Firewall Driver
Description: Zone Alarm Firewall Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Vsdatant
Device ID: ROOT\LEGACY_VSDATANT\0000

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched
Device ID: ROOT\LEGACY_PSCHED\0000

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr
Device ID: ROOT\VOLMGR\0000

Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Device ID: PCI\VEN_8086&DEV_3B30&SUBSYS_03891025&REV_06\3&11583659&0&FB

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 7 - 3B4E
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 7 - 3B4E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B4E&SUBSYS_03891025&REV_06\3&11583659&0&E6

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP
Device ID: ROOT\LEGACY_HTTP\0000

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C04\4&E605FC2&0

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_046D&PID_C03D\6&248BC58&0&6

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid
Device ID: HID\VID_04F2&PID_0833&MI_00\8&1910723D&0&0000

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_0BDA&PID_0182&MI_01\7&371256A8&0&0001

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv
Device ID: ROOT\LEGACY_MPSDRV\0000

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Device ID: HID\VID_04F2&PID_0833&MI_01&COL02\8&30D3FE82&0&0001

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4

Name: F:\
Description: Compact Flash
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#8&35CCDA1&0&20060413092100000&0#

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6
Device ID: ROOT\LEGACY_WANARPV6\0000

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive
Device ID: ROOT\BLBDRIVE\0000

Name: HWiNFO32/64 Kernel Driver
Description: HWiNFO32/64 Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HWiNFO32
Device ID: ROOT\LEGACY_HWINFO32\0000

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0C\AA

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000

Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
Device ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000\4&18280AE0&0&0301

Name: Intel® Core™ i3 CPU 530 @ 2.93GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_37_-_INTEL®_CORE™_I3_CPU_________530__@_2.93GHZ\_4

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD
Device ID: ROOT\LEGACY_RDPCDD\0000

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000
Device ID: ROOT\LEGACY_WDF01000\0000

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0

Name: G:\
Description: xD-Picture
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_XD-PICTURE&REV_1.00#8&35CCDA1&0&20060413092100000&1#

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy
Device ID: ROOT\LEGACY_HWPOLICY\0000

Name: JMicron JMB36X Controller
Description: JMicron JMB36X Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: JMicron Technology Corp.
Service: JRAID
Device ID: PCI\VEN_197B&DEV_2363&SUBSYS_03891025&REV_03\4&C0CF403&0&00E1

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0020\5&1E39C4F1&0&1

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Description: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_3B34&SUBSYS_03891025&REV_06\3&11583659&0&E8

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 8 - 3B50
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 8 - 3B50
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_3B50&SUBSYS_03891025&REV_06\3&11583659&0&E7

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO#HG&REV_1.00#8&35CCDA1&0&20060413092100000&3#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Device ID: ACPI\PNP0F03\4&E605FC2&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD
Device ID: ROOT\LEGACY_AFD\0000

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD
Device ID: ROOT\LEGACY_RDPENCDD\0000

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf
Device ID: ROOT\LEGACY_WFPLWF\0000

Name: Generic- SD/MMC USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_GENERIC-&PROD_SD/MMC&REV_1.00\8&35CCDA1&0&20060413092100000&2

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 6007.09 MB
Available physical RAM: 4774.88 MB
Total Virtual: 12012.39 MB
Available Virtual: 10712.71 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:918.41 GB) (Free:412.34 GB) NTFS
2 Drive d: (July 29) (CDROM) (Total:3.86 GB) (Free:0 GB) UDF
9 Drive k: () (Removable) (Total:7.45 GB) (Free:7.26 GB) FAT32

========================= Users: ========================================

User accounts for \\GATEWAY

Administrator Dad Guest
Lenovo

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

01-10-2015 02:00:58 Windows Update

**** End of log ****



#11 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 04 October 2015 - 10:08 AM

Hi Joe,

Again welcome to BC. :)
 
<<<<<<<<<<<
 

I am so sorry that it took so long for me to get back to you. I promise I will be much more responsive from this point on

No apologies necessary. 

I see your problem is likely more complex than it originally appeared.  I see you have been working hard to resolve this problem.  I will see what I can do.  My area of expertise is malware removal and repairing the aftermath of such.  I have some reasonable options to exercise but if it proves ineffective then we can get the help of some of the other staff here if needed.
 
<<<<<<<<<<
 

I so very much appreciate your assistance! I do not know what I would do without your help.

Your welcome.  My pleasure to help.
 
<<<<<<<<<<
 
Will need some important clarifications. 

I need to try and determine if the root of these troubles were a malware infection.  If so I am going to need to move our discussion to a more appropriate location here at BC in the Virus and Malware forums.  There I can use applications and tools we might need that are not allowed here.

Did you previously have any other signs of infection? Browser redirection. Pop-ups? Slow computer? BSOD's? Random reboots?
 
Did any of these tools detect anything?
  • Kaspersky Virus Removal Tool.
  • Run TDSSKiller to remove rootkits.
  • Run the Kaspersky Rescue Disk.
  • MalwareBytes twice, then AdwCleaner
 
Are those logs available for my review?
 
<<<<<<<<<<
 
In the meantime please do this...
 
Please open Notepad (type notepad in the search box)

Next copy and paste the text inside the code box below into notepad:
 
@echo off
ipconfig /flushdns
ipconfig /release
ipconfig /renew
netsh winsock reset >> "%userprofile%\desktop\fixit.txt"  
echo You now have to reboot your PC!   
pause
  • Name the file as fixit.bat, making sure save as type is set to " All Files ".
  • Right click on fixit.bat & Run as admin <-- IMPORTANT.
  • Reboot your computer.
  • Post the fixit.txt log (on your desktop) for my review.
Are you connected now?

<<<<<<<<<
 
With your next post please provide:
  • Answers to my questions
  • Previous logs if available
  • Indication if you are able to connect to the internet now
  • Fixit.txt
  • An update about any other problems that persist
Kind regards,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#12 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 04 October 2015 - 10:20 AM

Hi Joe,

Again welcome to BC. :)

 

SNIP

 

 

Kind regards,
thcbytes

 

 

No, not until you answer my question first!

 

Why do I not simply do a full install?

 

I have the OEM installation disks, the OEM drivers/accessories disks, and all of the softw...

 

... one second.



#13 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 04 October 2015 - 11:07 AM

 

Hi Joe,

Again welcome to BC. :)
 
<<<<<<<<<<<

 

SNIP

 

<<<<<<<<<<<

 

Kind regards,

thcbytes

 

 

t,

 

I have a better question!

 

Wait for it...

 

My wife was gathering our CDs and DVDs containing old photos last week and casually mentioned that she found some computer disks; i.e., any disk that looks like a CD that does not have the word 'Photos' written on it or a track list (or as she calls it, a list of songs). It took me years, but I love her dearly. Excuse me for digressing. As I was finishing my last post to you, I laughed sinisterly as I walked to her sewing room. No, if anyone ever took the TV off the sewing machine table it would probably fall apart. Same goes for the stove. Sorry, back on task... Here's what I found:

The installation disks for my HP Pavilion 5030 purchased in 1995

The installation disks for my Dell Dimension E310 purchased in 2006, and

Two DVDs labelled 'Initial Gateway Image' burned in 2010, the same year I purchased my Gateway.

 

Oh, the question, right!

 

Would you... no, no, no... Should I travel the titillating path you have laid before us, no matter how adventurous it might be, or should I exploit my installation and driver disks, recovery disks and/or image disks?

 

If I may, I would like to ask a different question...

 

What are the pros and cons of the different strategies?

 

Thanks!

 

Joe



#14 gfr92y

gfr92y
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, Virginia
  • Local time:12:16 PM

Posted 04 October 2015 - 12:21 PM

 

I see your problem is likely more complex than it originally appeared.  I see you have been working hard to resolve this problem.  I will see what I can do.  My area of expertise is malware removal and repairing the aftermath of such.  I have some reasonable options to exercise but if it proves ineffective then we can get the help of some of the other staff here if needed.

 
<<<<<<<<<<

 

Will need some important clarifications. 

I need to try and determine if the root of these troubles were a malware infection.  If so I am going to need to move our discussion to a more appropriate location here at BC in the Virus and Malware forums.  There I can use applications and tools we might need that are not allowed here.

Did you previously have any other signs of infection? Browser redirection. Pop-ups? Slow computer? BSOD's? Random reboots?
 
Did any of these tools detect anything?

 

  • Kaspersky Virus Removal Tool.
  • Run TDSSKiller to remove rootkits.
  • Run the Kaspersky Rescue Disk.
  • MalwareBytes twice, then AdwCleaner

 
Are those logs available for my review?
 

<<<<<<<<<

 

Did you previously have:

  • Any other signs of infectiona PUP, but KIS quarantined it and I deleted it.
  • Browser redirection? I am not sure what this is.
  • Pop-ups? I had one of those FBI Sting pop-ups, but went to task manager, ended all of Chrome’s instances, ran the following one at a time with the others turned off: (i) KIS, (ii) MalwareBytes, (iii) Windows Defender, and (iv) an anti-rootkit program whose name escapes me right now, and I do not remember anything being identified. 
  • Slow computer? No
  • BSODs? No
  • Random reboots? Maybe. That might explain why I had a network connection with my laptop when I went to bed, but not when I woke up.
Did any of these tools detect anything and are those logs available for my review?
  • Kaspersky Internet Security (Reason: FBI Sting Pop-up):
    • I do not recall anything being identified, but that does not necessarily mean that nothing was identified. 
    • I will look for them once we decide what strategy we are going to follow or at your direction.
  • MalwareBytes (Reason: FBI Sting Pop-up): Same as above
  • Windows Defender (Reason: FBI Sting Pop-up): Same as above
  • The anti-rootkit program (Reason: FBI Sting Pop-up): Same as above
  • Kaspersky Virus Removal Tool (Reason: Error 268867994): Same as above
  • TDSSKiller (Reason: Error 268867994): Same as above
  • Kaspersky Rescue Disk (Reason: Error 268867994): Same as above
  • MalwareBytes (Reason: Error 268867994; 2 reports): Same as above
  • AdwCleaner (Reason: Error 268867994; 4 scans, 2 cleans, 1 restoration): Yes and yes
I am planning to execute the following as soon as I dispatch this post.
 

 

In the meantime please do this...

 
Please open Notepad (type notepad in the search box)

Next copy and paste the text inside the code box below into notepad:
 
@echo off
ipconfig /flushdns
ipconfig /release
ipconfig /renew
netsh winsock reset >> "%userprofile%\desktop\fixit.txt"  
echo You now have to reboot your PC!   
pause
  • Name the file as fixit.bat, making sure save as type is set to " All Files ".
  • Right click on fixit.bat & Run as admin <-- IMPORTANT.
  • Reboot your computer.
  • Post the fixit.txt log (on your desktop) for my review.
Are you connected now?

 

 

 

With your next post please provide:

  • Answers to my questions
  • Previous logs if available
  • Indication if you are able to connect to the internet now
  • Fixit.txt
  • An update about any other problems that persist
Kind regards,
thcbytes

 

 

With your next post please provide:
  • Answers to my questions: Notwithstanding the information contained in the available logs, I have provide the best answers I can.
  • Previous logs if available: Given my question on strategy (Investigate, Full Install, Rescue, Image), do you still want the logs?
  • Indication if you are able to connect to the internet now: As soon as I implement the steps provided above.
  • Fixit.txt: As soon as I implement the steps provided above.
  • An update about any other problems that persist: Yes, I will.

Thanks, again, for your continued support!

 

Joe

 



#15 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 04 October 2015 - 01:27 PM

Hi Joe,

 

I must say in the short time we have been working together I have really enjoyed your commentary. :)

 

In a nut shell...

 

You do have many options. 

 

The most aggressive being "nuke and pave" - wipe the disc and reinstall the OS.  You would need to back up any data you want to preserve otherwise it will be lost. 

 

There are many ways to do it including your previously burned image from 2010 or even better from the Windows 10 recovery environment built into the OS.  In fact you can "Refresh (save your files), Reset (nuke and pave), or Roll back (previous OS - Win 7 for example).  There are many pro's and cons of these options.  These options might be overly aggressive.

 

I don't want to get too much into the pros and cons yet. 

 

I do not think it would be a waste of time to let me look a little deeper and see if I can get your computer clean and working properly.  I would think the odds are quite good and therefore you won't have to revert to more drastic aggressive measures. 

 

Ultimately the choice is yours.

 

Just to answer your question.  Browser redirection is when you are surfing the web and your browser automatically takes you somewhere you did not intend.  It is another common sign of infection.

 

The FBI sting pop up is clearly evidence of infection and may account for the big mess. 

 

Here is what I would propose. 

 

Report back and let me know if the fix I suggested helped.  If it fails then I want you to decide what you want to do.  If you want me to continue helping you then I will move us over to the Virus and Malware forum and take a closer look.  Otherwise I will let my colleagues guide you through a restore.

 

Sound good?

 

Kind regards,

thcbytes


Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users