
alsysio64


24 replies to this topic

#1 Arie_Dub


Posted 14 March 2016 - 07:02 AM

MTB LOG:

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by RISE (administrator) on 14-03-2016 at 05:08:01
Running from "C:\Users\RISE\Downloads\Web\AV\alsysio64"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=&????"## subinterface=ethernet_13 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Speed-Demon
   Primary Dns Suffix  . . . . . . . : iarise.org
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : iarise.org

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-25-22-D9-B2-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::61de:51e4:9d75:e341%17(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.18(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : March 13, 2016 12:54:08 AM
   Lease Expires . . . . . . . . . . : March 15, 2016 1:44:56 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 285222178
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-1A-EC-81-00-25-22-D9-B2-AF
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B53D888F-9C83-4D25-AD74-0F339AAB9009}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4009:80a::200e
	  216.58.216.78


Pinging google.com [216.58.216.78] with 32 bytes of data:
Reply from 216.58.216.78: bytes=32 time=28ms TTL=55
Reply from 216.58.216.78: bytes=32 time=34ms TTL=55

Ping statistics for 216.58.216.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 34ms, Average = 31ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
	  2001:4998:c:a06::2:4008
	  2001:4998:44:204::a7
	  98.138.253.109
	  206.190.36.45
	  98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=51ms TTL=53
Reply from 98.138.253.109: bytes=32 time=52ms TTL=53

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 51ms, Maximum = 52ms, Average = 51ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...00 25 22 d9 b2 af ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.18     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.18    276
     192.168.0.18  255.255.255.255         On-link      192.168.0.18    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.18    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.18    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.18    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 17    276 fe80::/64                On-link
 17    276 fe80::61de:51e4:9d75:e341/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/13/2016 02:58:03 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18231 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16e0

Start Time: 01d17cfdec66a526

Termination Time: 35

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/29/2015 03:58:30 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18123 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1100

Start Time: 01d1420eefdf67fb

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (12/29/2015 03:56:17 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16d0

Start Time: 01d14216a7d51a17

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/29/2015 03:55:23 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: efc

Start Time: 01d1420ef02a0f9e

Termination Time: 9

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/29/2015 03:00:09 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18123 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: db0

Start Time: 01d1420e473d8cd4

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (12/29/2015 02:51:18 AM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 11.10.11.1, time stamp: 0x52ddc011
Faulting module name: nvapi.dll_unloaded, version: 0.0.0.0, time stamp: 0x54cc163a
Exception code: 0xc0000005
Fault offset: 0x6c63b180
Faulting process id: 0xaf4
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3

Error: (12/08/2015 06:53:37 PM) (Source: Adobe Reader) (User: )
Description: 

Error: (07/26/2015 12:07:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1".
Dependent Assembly SMC,processorArchitecture="x86",type="win32",version="6.2.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/26/2015 12:07:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1".
Dependent Assembly SMC,processorArchitecture="x86",type="win32",version="6.2.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/26/2015 12:07:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1".
Dependent Assembly SMC,processorArchitecture="x86",type="win32",version="6.2.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (03/13/2016 12:54:14 AM) (Source: Service Control Manager) (User: )
Description: The CIR Receiver service failed to start due to the following error: 
%%1058

Error: (03/13/2016 12:53:24 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/13/2016 12:52:19 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (03/13/2016 12:52:18 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/13/2016 12:52:18 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/12/2016 11:33:07 PM) (Source: Service Control Manager) (User: )
Description: The CIR Receiver service failed to start due to the following error: 
%%1058

Error: (03/12/2016 11:32:37 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/12/2016 11:32:30 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (03/12/2016 11:32:29 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/12/2016 11:32:29 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

"Nero SoundTrax Help (HKLM-x32\...\{B96C2601-52F5-4D5D-816A-63469EA311EF}) (Version: 4.0.15.0 - Nero AG) Hidden
Ableton Live 9 Lite (HKLM\...\{9130C3A8-3BEA-4A24-88F9-50EFB036F999}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
A-Series Keyboard Driver (HKLM\...\RolandRDID0133) (Version:  - Roland Corporation)
ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
BleachBit (HKLM-x32\...\BleachBit) (Version:  - BleachBit)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
ClearNIcieBrowse (HKLM-x32\...\{604B50C8-59DF-C3D0-EC52-CD17D7D40A30}) (Version:  - )
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.21 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version:  - )
Digital microscope (HKLM-x32\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corp.)
DiscountExt (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}) (Version:  - DiscountExt)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
DolbyFiles (HKLM-x32\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Menu Templates - Starter Kit (HKLM-x32\...\{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}) (Version: 9.0.4.0 - Nero AG) Hidden
MicroCapture 2.5 (HKLM-x32\...\MicroCapture) (Version: 2.5 - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.6.01055 - Корпорация Майкрософт)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Templates - Starter Kit (HKLM-x32\...\{BCD82AB5-670D-4242-90FA-1F97103C16CD}) (Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{982da673-3dff-4966-9221-5a56513ce2d8}) (Version:  - Nero AG)
NuConnect (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f275c174}) (Version:  - NuConnect)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Picture Downloader Professional (HKLM-x32\...\{C816B74A-76DD-F936-7C6E-56E2B881B487}) (Version:  - )
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
ScopeView (HKLM-x32\...\{E292525D-F43E-4295-A708-B4D6A7DF75ED}) (Version: 1.1.0.0 - ScopeView-Setup)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.7.306 - NVIDIA Corporation) Hidden
Soda PDF 3D Reader (HKLM-x32\...\Soda PDF 3D Reader) (Version: 6.0.22.17373 - LULU Software Limited)
Soda PDF 3D Reader Create Module (HKLM-x32\...\{5482CEC2-6DFA-49C7-B312-78B73A827C4E}) (Version: 6.0.10.16430 - LULU Software Limited) Hidden
Soda PDF 3D Reader View Module (HKLM-x32\...\{63F60984-556B-4268-8D81-B18ECFC7C0CC}) (Version: 6.0.10.16430 - LULU Software Limited) Hidden
SoundTrax (HKLM-x32\...\{3097B151-1F61-4211-A4CC-D70127B226AE}) (Version: 4.0.18.0 - Nero AG) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version:  - Roland Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WHiteCouPuon (HKLM-x32\...\{F679D2F0-CE91-93C8-BD2D-062DF04DA0C1}) (Version:  - )
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

========================= Devices: ================================

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&294CB6A4&0

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr
Device ID: ROOT\VOLMGR\0000

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Device ID: PCIIDE\IDECHANNEL\4&3A1B515C&0&0

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Wanarpv6
Device ID: ROOT\LEGACY_WANARPV6\0000

Name: E-mu Plug-in Architecture Driver
Description: E-mu Plug-in Architecture Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: emupia
Device ID: ROOT\LEGACY_EMUPIA\0000

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CSC
Device ID: ROOT\LEGACY_CSC\0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{6D045CB5-84EC-11E1-91B9-806E6F6E6963}#0000000006500000

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RDPCDD
Device ID: ROOT\LEGACY_RDPCDD\0000

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_2101&PID_020F&MI_00\6&B1276B2&0&0000

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Wdf01000
Device ID: ROOT\LEGACY_WDF01000\0000

Name: CT20XUT.DLL
Description: CT20XUT.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CT20XUT.DLL
Device ID: ROOT\LEGACY_CT20XUT.DLL\0000

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\SAN0206\5&76BFFEB&2&UID67109137

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Device ID: PCIIDE\IDECHANNEL\4&3A1B515C&0&1

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RDPENCDD
Device ID: ROOT\LEGACY_RDPENCDD\0000

Name: Intel(R) N10/ICH7 Family Serial ATA Storage Controller - 27C0
Description: Intel(R) N10/ICH7 Family Serial ATA Storage Controller - 27C0
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: intelide
Device ID: PCI\VEN_8086&DEV_27C0&SUBSYS_27C01849&REV_01\3&11583659&0&FA

Name: Intel(R) 82802 Firmware Hub Device
Description: Intel(R) 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&A6EC6C1&0

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_03971849&REV_01\3&11583659&0&D8

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WfpLwf
Device ID: ROOT\LEGACY_WFPLWF\0000

Name: CTAUDFX.DLL
Description: CTAUDFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTAUDFX.DLL
Device ID: ROOT\LEGACY_CTAUDFX.DLL\0000

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RDPREFMP
Device ID: ROOT\LEGACY_RDPREFMP\0000

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0000

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&A6EC6C1&0

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WudfPf
Device ID: ROOT\LEGACY_WUDFPF\0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{6D045CB5-84EC-11E1-91B9-806E6F6E6963}#0000000425900000

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0001

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: rspndr
Device ID: ROOT\LEGACY_RSPNDR\0000

Name: CTEAPSFX.DLL
Description: CTEAPSFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTEAPSFX.DLL
Device ID: ROOT\LEGACY_CTEAPSFX.DLL\0000

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_046D&PID_C513&MI_00\6&2C8673DF&0&0000

Name: NVIDIA GeForce 7800 GT (Microsoft Corporation - WDDM)
Description: NVIDIA GeForce 7800 GT (Microsoft Corporation - WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Device ID: PCI\VEN_10DE&DEV_0092&SUBSYS_030110DE&REV_A1\4&246CC475&0&0008

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&A6EC6C1&0

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000

Name: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27C8
Description: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27C8
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Device ID: PCI\VEN_8086&DEV_27C8&SUBSYS_27C81849&REV_01\3&11583659&0&E8

Name: Intel(R) N10/ICH7 Family SMBus Controller - 27DA
Description: Intel(R) N10/ICH7 Family SMBus Controller - 27DA
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_27DA1849&REV_01\3&11583659&0&FB

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: secdrv
Device ID: ROOT\LEGACY_SECDRV\0000

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&1

Name: Logitech Driver Interface
Description: Logitech Driver Interface
Class Guid: {d41dd63a-1395-4419-ae14-a534f5f2ad29}
Manufacturer: Logitech
Service: 
Device ID: {C1FCC185-55B3-4E00-814B-C588A13525E1}\VID_046D&PID_C513&REV_3200&MI_00&HIDFILT\8&399B670C&0&00

Name: CTEDSPFX.DLL
Description: CTEDSPFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTEDSPFX.DLL
Device ID: ROOT\LEGACY_CTEDSPFX.DLL\0000

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: ROOT\MS_AGILEVPNMINIPORT\0000

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: msisadrv
Device ID: ROOT\LEGACY_MSISADRV\0000

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_046D&PID_C513&MI_01&COL04\7&55DD2FD&0&0003

Name: ST3500320AS ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: IDE\DISKST3500320AS_____________________________SD15____\5&ABDE2FF&0&0.0.0

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Device ID: ROOT\LEGACY_SPLDR\0000

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive
Device ID: ROOT\BLBDRIVE\0000

Name: Intel(R) Core(TM)2 Quad  CPU   Q9450  @ 2.66GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_23_-_INTEL(R)_CORE(TM)2_QUAD__CPU___Q9450__@_2.66GHZ\_1

Name: CTEDSPIO.DLL
Description: CTEDSPIO.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTEDSPIO.DLL
Device ID: ROOT\LEGACY_CTEDSPIO.DLL\0000

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&A6EC6C1&0

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: ROOT\MS_L2TPMINIPORT\0000

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: fvevol
Device ID: ROOT\LEGACY_FVEVOL\0000

Name: Creative SB Audigy
Description: Creative Audigy Audio Processor (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Creative Technology, Ltd.
Service: ctaud2k
Device ID: PCI\VEN_1102&DEV_0004&SUBSYS_00531102&REV_03\4&2C30955E&0&10F0

Name: RAS Async Adapter
Description: RAS Async Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: AsyncMac
Device ID: SW\{EEAB7790-C514-11D1-B42B-00805FC1270E}\ASYNCMAC

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000

Name: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27C9
Description: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27C9
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Device ID: PCI\VEN_8086&DEV_27C9&SUBSYS_27C91849&REV_01\3&11583659&0&E9

Name: Intel(R) ICH7 Family Ultra ATA Storage Controllers - 27DF
Description: Intel(R) ICH7 Family Ultra ATA Storage Controllers - 27DF
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: intelide
Device ID: PCI\VEN_8086&DEV_27DF&SUBSYS_27DF1849&REV_01\3&11583659&0&F9

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NDIS
Device ID: ROOT\LEGACY_NDIS\0000

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANBH\0000

Name: Creative Hardware Abstract Layer Driver
Description: Creative Hardware Abstract Layer Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ha10kx2k
Device ID: ROOT\LEGACY_HA10KX2K\0000

Name: CTEDSPSY.DLL
Description: CTEDSPSY.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTEDSPSY.DLL
Device ID: ROOT\LEGACY_CTEDSPSY.DLL\0000

Name: HL-DT-ST DVD-RAM GSA-H22N ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: IDE\CDROMHL-DT-ST_DVD-RAM_GSA-H22N_______________1.01____\5&5DE1D62&0&0.0.0

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt
Device ID: ROOT\COMPOSITE_BATTERY\0000

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Device ID: HID\VID_2101&PID_020F&MI_01\7&3B896027&0&0000

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NDProxy
Device ID: ROOT\LEGACY_NDPROXY\0000

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIP\0000

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0800\4&A6EC6C1&0

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HTTP
Device ID: ROOT\LEGACY_HTTP\0000

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_2101&PID_020F&MI_01\6&B1276B2&0&0001

Name: Logitech Driver Interface
Description: Logitech Driver Interface
Class Guid: {d41dd63a-1395-4419-ae14-a534f5f2ad29}
Manufacturer: Logitech
Service: 
Device ID: {C1FCC185-55B3-4E00-814B-C588A13525E1}\VID_046D&PID_C513&REV_3200&MI_01&COL01&HIDFILT\8&ABA2C96&0&00

Name: CTERFXFX.DLL
Description: CTERFXFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTERFXFX.DLL
Device ID: ROOT\LEGACY_CTERFXFX.DLL\0000

Name: Logitech HID-Compliant Keyboard
Description: Logitech HID-Compliant Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: kbdhid
Device ID: HID\VID_046D&PID_C513&MI_00\7&1D215F42&0&0000

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AFD
Device ID: ROOT\LEGACY_AFD\0000

Name: 1394 OHCI Compliant Host Controller
Description: 1394 OHCI Compliant Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: 1394 OHCI Compliant Host Controller
Service: 1394ohci
Device ID: PCI\VEN_1102&DEV_4001&SUBSYS_00101102&REV_00\4&2C30955E&0&12F0

Name: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27CA
Description: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27CA
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Device ID: PCI\VEN_8086&DEV_27CA&SUBSYS_27CA1849&REV_01\3&11583659&0&EA

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_046D&PID_C513&MI_01\6&2C8673DF&0&0001

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIPV6\0000

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: hwpolicy
Device ID: ROOT\LEGACY_HWPOLICY\0000

Name: Intel(R) 4 Series Chipset Processor to I/O Controller - 2E30
Description: Intel(R) 4 Series Chipset Processor to I/O Controller - 2E30
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: PCI\VEN_8086&DEV_2E30&SUBSYS_2E301849&REV_03\3&11583659&0&00

Name: Disk Virtual Machine Bus Acceleration Filter Driver
Description: Disk Virtual Machine Bus Acceleration Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: storflt
Device ID: ROOT\LEGACY_STORFLT\0000

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0

Name: ALSysIO
Description: ALSysIO
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ALSysIO
Device ID: ROOT\LEGACY_ALSYSIO\0000

Name: Intel(R) Core(TM)2 Quad  CPU   Q9450  @ 2.66GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_23_-_INTEL(R)_CORE(TM)2_QUAD__CPU___Q9450__@_2.66GHZ\_2

Name: CTEXFIFX.DLL
Description: CTEXFIFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTEXFIFX.DLL
Device ID: ROOT\LEGACY_CTEXFIFX.DLL\0000

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&A6EC6C1&0

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NetBT
Device ID: ROOT\LEGACY_NETBT\0000

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: ROOT\MS_PPPOEMINIPORT\0000

Name: COMODO Internet Security Firewall Driver
Description: COMODO Internet Security Firewall Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: inspect
Device ID: ROOT\LEGACY_INSPECT\0000

Name: Logitech HID-compliant Cordless Mouse
Description: Logitech HID-compliant Cordless Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: mouhid
Device ID: HID\VID_046D&PID_C513&MI_01&COL01\7&55DD2FD&0&0000

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Tcpip
Device ID: ROOT\LEGACY_TCPIP\0000

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_2101&PID_020F\5&26E7C7E1&0&2

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Beep
Device ID: ROOT\LEGACY_BEEP\0000

Name: CTHWIUT.DLL
Description: CTHWIUT.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTHWIUT.DLL
Device ID: ROOT\LEGACY_CTHWIUT.DLL\0000

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C01\1

Name: HID UPS Battery
Description: HID UPS Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: HidBatt
Device ID: HID\VID_051D&PID_0002\6&245B3F5C&0&0000

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tcpipreg
Device ID: ROOT\LEGACY_TCPIPREG\0000

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: KSecDD
Device ID: ROOT\LEGACY_KSECDD\0000

Name: PCI Input Device
Description: PCI Input Device
Class Guid: 
Manufacturer: 
Service: 
Device ID: PCI\VEN_1102&DEV_7003&SUBSYS_00401102&REV_03\4&2C30955E&0&11F0
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: ROOT\MS_PPTPMINIPORT\0000

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_046D&PID_C513&MI_01&COL05\7&55DD2FD&0&0004

Name: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27CB
Description: Intel(R) N10/ICH7 Family USB Universal Host Controller - 27CB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Device ID: PCI\VEN_8086&DEV_27CB&SUBSYS_27CB1849&REV_01\3&11583659&0&EB

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: UMB\UMB\1&841921D&0&PRINTERBUSENUMERATOR

Name: Intel(R) 4 Series Chipset PCI Express Root Port - 2E31
Description: Intel(R) 4 Series Chipset PCI Express Root Port - 2E31
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_2E31&SUBSYS_2E311849&REV_03\3&11583659&0&08

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C01\A

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: nsiproxy
Device ID: ROOT\LEGACY_NSIPROXY\0000

Name: Creative Proxy Driver
Description: Creative Proxy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ctprxy2k
Device ID: ROOT\LEGACY_CTPRXY2K\0000

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: KSecPkg
Device ID: ROOT\LEGACY_KSECPKG\0000

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\VID_046D&PID_C513&MI_01&COL02\7&55DD2FD&0&0001

Name: Logitech Driver Interface
Description: Logitech Driver Interface
Class Guid: {d41dd63a-1395-4419-ae14-a534f5f2ad29}
Manufacturer: Logitech
Service: 
Device ID: {C1FCC185-55B3-4E00-814B-C588A13525E1}\VID_046D&PID_C513&REV_3200&MI_01&COL01&MOUFILT\8&ABA2C96&0&00

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tdx
Device ID: ROOT\LEGACY_TDX\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\0

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: ROOT\MS_SSTPMINIPORT\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\10

Name: CTSBLFX.DLL
Description: CTSBLFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CTSBLFX.DLL
Device ID: ROOT\LEGACY_CTSBLFX.DLL\0000

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: lltdio
Device ID: ROOT\LEGACY_LLTDIO\0000

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CLFS
Device ID: ROOT\LEGACY_CLFS\0000

Name: Intel(R) Core(TM)2 Quad  CPU   Q9450  @ 2.66GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_23_-_INTEL(R)_CORE(TM)2_QUAD__CPU___Q9450__@_2.66GHZ\_3

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\11

Name: Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
Description: Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Device ID: PCI\VEN_1969&DEV_2062&SUBSYS_20621849&REV_C1\4&1BA3C945&0&00E1

Name: VIA High Definition Audio
Description: VIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: VIA Technologies, Inc.
Service: VIAHdAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_4397&SUBSYS_18490397&REV_1000\4&70A2EED&0&0001

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Null
Device ID: ROOT\LEGACY_NULL\0000

Name: Intel(R) N10/ICH7 Family USB2 Enhanced Host Controller - 27CC
Description: Intel(R) N10/ICH7 Family USB2 Enhanced Host Controller - 27CC
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_27CC&SUBSYS_27CC1849&REV_01\3&11583659&0&EF

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Device ID: ROOT\RDP_KBD\0000

Name: Creative SoundFont Management Device Driver
Description: Creative SoundFont Management Device Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ctsfm2k
Device ID: ROOT\LEGACY_CTSFM2K\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2E

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&19D853C8&0

Name: Creative OS Services Driver
Description: Creative OS Services Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ossrv
Device ID: ROOT\LEGACY_OSSRV\0000

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Device ID: ROOT\RDP_MOU\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\3

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VgaSave
Device ID: ROOT\LEGACY_VGASAVE\0000

Name: COMODO Internet Security Helper Driver
Description: COMODO Internet Security Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cmdHlp
Device ID: ROOT\LEGACY_CMDHLP\0000

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&23C7AE80&0

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C04\4&A6EC6C1&0

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: pcw
Device ID: ROOT\LEGACY_PCW\0000

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid
Device ID: HID\VID_2101&PID_020F&MI_00\7&131EB25E&0&0000

Name: Virtual Machine Bus
Description: Virtual Machine Bus
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: vmbus
Device ID: ROOT\LEGACY_VMBUS\0000

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mountmgr
Device ID: ROOT\LEGACY_MOUNTMGR\0000

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: discache
Device ID: ROOT\LEGACY_DISCACHE\0000

Name: Intel(R) 82801 PCI Bridge - 244E
Description: Intel(R) 82801 PCI Bridge - 244E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_244E1849&REV_E1\3&11583659&0&F0

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: CNG
Device ID: ROOT\LEGACY_CNG\0000

Name: Intel(R) N10/ICH7 Family PCI Express Root Port - 27D0
Description: Intel(R) N10/ICH7 Family PCI Express Root Port - 27D0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_27D0&SUBSYS_27D01849&REV_01\3&11583659&0&E0

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Device ID: PCIIDE\IDECHANNEL\4&1A8DFDF8&0&0

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: PEAUTH
Device ID: ROOT\LEGACY_PEAUTH\0000

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&313FFE17&0

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0C\AA

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{6D045CB5-84EC-11E1-91B9-806E6F6E6963}#0000000000100000

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Device ID: ROOT\UNNAMED_DEVICE\0000

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: volmgrx
Device ID: ROOT\LEGACY_VOLMGRX\0000

Name: COMMONFX.DLL
Description: COMMONFX.DLL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: COMMONFX.DLL
Device ID: ROOT\LEGACY_COMMONFX.DLL\0000

Name: Intel(R) Core(TM)2 Quad  CPU   Q9450  @ 2.66GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_23_-_INTEL(R)_CORE(TM)2_QUAD__CPU___Q9450__@_2.66GHZ\_4

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Psched
Device ID: ROOT\LEGACY_PSCHED\0000

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Device ID: PCIIDE\IDECHANNEL\4&1A8DFDF8&0&1

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&C600431&0

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: volsnap
Device ID: ROOT\LEGACY_VOLSNAP\0000

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_046D&PID_C513\5&8A0E485&0&1

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mpsdrv
Device ID: ROOT\LEGACY_MPSDRV\0000

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: DXGKrnl
Device ID: ROOT\LEGACY_DXGKRNL\0000

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\VID_046D&PID_C513&MI_01&COL03\7&55DD2FD&0&0002

Name: cpuz135
Description: cpuz135
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cpuz135
Device ID: ROOT\LEGACY_CPUZ135\0000

Name: American Power Conversion USB UPS
Description: American Power Conversion USB UPS
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: American Power Conversion
Service: HidUsb
Device ID: USB\VID_051D&PID_0002\AB0520290369__

Name: Intel(R) ICH7 Family LPC Interface Controller - 27B8
Description: Intel(R) ICH7 Family LPC Interface Controller - 27B8
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_27B8&SUBSYS_27B81849&REV_01\3&11583659&0&F8

Name: Intel(R) N10/ICH7 Family PCI Express Root Port - 27D2
Description: Intel(R) N10/ICH7 Family PCI Express Root Port - 27D2
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_27D2&SUBSYS_27D21849&REV_01\3&11583659&0&E1


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 8191.09 MB
Available physical RAM: 5017.85 MB
Total Virtual: 24573.29 MB
Available Virtual: 21112.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:449.17 GB) (Free:10.58 GB) NTFS
2 Drive d: (RAM Disk) (Fixed) (Total:16.49 GB) (Free:0.39 GB) NTFS

========================= Users: ========================================

User accounts for \\SPEED-DEMON

Administrator            Guest                    RISE                     

========================= Minidump Files ==================================

C:\Windows\Minidump\013016-20718-01.dmp
C:\Windows\Minidump\013016-24828-01.dmp
========================= Restore Points ==================================


**** End of log ****

MBAM LOG:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/14/2016
Scan Time: 5:55 AM
Logfile: MBAM.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.14.02
Rootkit Database: v2016.03.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: RISE

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 286416
Time Elapsed: 3 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 39
PUP.Optional.ClearBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA}, , [7f2be2a51980eb4bbdb89f5c20e38779],
PUP.Optional.ClearBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{22D8077A-5A6B-4053-8799-8A288D60F8B8}, , [7f2be2a51980eb4bbdb89f5c20e38779],

Registry Values: 2
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [3a702067049588ae77c7bfaa1ce85aa6]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [decc9becc5d4c57138060960e42018e8]

Registry Data: 0
(No malicious items detected)

Folders: 5
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12650665686198490127, , [f8b20c7bc6d3ac8aec17549a946f04fc],
PUP.Optional.ClearBrowse, C:\Program Files (x86)\ClearNIcieBrowse, , [7f2be2a51980eb4bbdb89f5c20e38779],
PUP.Optional.WhiteCoupon, C:\Program Files (x86)\WHiteCouPuon, , [abff57308d0c6bcb3c838fa2ac587e82],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, , [c4e6ff88fd9cc57149b8e000c63cea16],
PUP.Optional.DiscountExt, C:\Program Files (x86)\DiscountExt, , [6d3de0a7dcbd1d199462f6f9768cff01],

Files: 11
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12650665686198490127\0a4322c8683753def92559c25d2c1522.ini, , [f8b20c7bc6d3ac8aec17549a946f04fc],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12650665686198490127\7355505de98576fff92559c25d2c1522.ini, , [f8b20c7bc6d3ac8aec17549a946f04fc],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12650665686198490127\7e684f9d49d116abf92559c25d2c1522.ini, , [f8b20c7bc6d3ac8aec17549a946f04fc],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12650665686198490127\838da824a68c2cd5f92559c25d2c1522.ini, , [f8b20c7bc6d3ac8aec17549a946f04fc],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12650665686198490127\85335d8f8c4579d5f92559c25d2c1522.ini, , [f8b20c7bc6d3ac8aec17549a946f04fc],
PUP.Optional.ClearBrowse, C:\Program Files (x86)\ClearNIcieBrowse\Ya6FegTnl7M4zw.tlb, , [7f2be2a51980eb4bbdb89f5c20e38779],
PUP.Optional.ClearBrowse, C:\Program Files (x86)\ClearNIcieBrowse\Ya6FegTnl7M4zw.dat, , [7f2be2a51980eb4bbdb89f5c20e38779],
PUP.Optional.WhiteCoupon, C:\Program Files (x86)\WHiteCouPuon\Cyu7WbPQSRMTyR.tlb, , [abff57308d0c6bcb3c838fa2ac587e82],
PUP.Optional.WhiteCoupon, C:\Program Files (x86)\WHiteCouPuon\Cyu7WbPQSRMTyR.dat, , [abff57308d0c6bcb3c838fa2ac587e82],
PUP.Optional.DiscountExt, C:\Program Files (x86)\DiscountExt\DiscountExt.dat, , [6d3de0a7dcbd1d199462f6f9768cff01],
PUP.Optional.DiscountExt, C:\Program Files (x86)\DiscountExt\DiscountExt.exe, , [6d3de0a7dcbd1d199462f6f9768cff01],

Physical Sectors: 0
(No malicious items detected)


(end)

 

MBAM THORO SCAN LOG:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/14/2016
Scan Time: 6:17 AM
Logfile: MBAM-thoro-scan.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.14.02
Rootkit Database: v2016.03.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: RISE

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374741
Time Elapsed: 21 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.MultiPlug, C:\Program Files (x86)\StepOne\StepOne.dll.mwt, , [f1b9f98e663378be52b6e458b34e4cb4],
PUP.Optional.MultiPlug, C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll.mwt, , [3d6da3e459402610182d8ab9f110728e],

Physical Sectors: 0
(No malicious items detected)


(end)




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:09 PM

Posted 14 March 2016 - 09:26 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "more reply Options" button.

Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to Attach.

Click the Add reply button.
===


Please post the logs.

Let me know what problems persist with this computer.

#3 Arie_Dub


Posted 16 March 2016 - 12:59 AM

Thanks for the fast reply!

 

I originally ran MWAV-eScan AV AntiVirus Toolkit (14.0.235 DB) more than once and these files kept being recreated, which is why I came to your site after doing a search.

 

This was some of the output of those pesky files:

 

Scanning KHLM/System/Currentcontrolset/service

Error(2)!!! Scanfile fails for c:/windows/system32/driver/1394ohci.sys

Error(2)!!! Invalid entry for c:/Users/RISE/AppData/Local/AlSysIO64.sys

Action Taken: Removing

 

 

Detected:

DropboxUninstaller.exe.mwt

Action Taken: Renamed




#4 nasdaq


Posted 16 March 2016 - 09:56 AM

Remove this program via the Control Panel > Programs and Features applet.
ClearNIcieBrowse (HKLM-x32\...\{604B50C8-59DF-C3D0-EC52-CD17D7D40A30}) (Version: - )
===

Press the Windows key + R on your keyboard at the same time. This will open the Run box.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
R3 ALSysIO; \??\C:\Users\RISE\AppData\Local\Temp\ALSysIO64.sys 
C:\Users\RISE\AppData\Local\Temp\ALSysIO64.sys

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

===

CHR dev: Chrome dev build detected! <======= ATTENTION

Your copy of Chrome has been compromised

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants.

Clear your Chrome cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

===

Remove Chrome using the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do, export your bookmarks.
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

Re-install Chrome and the Bookmarks.

If you want to save all your settings refer to this page.
Follow the instructions before removing Chrome.
http://juan2geek.com/how-to-backup-and-restore-entire-google-chrome-setting/
<<<>>>

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If still present after the update you can remove the old version(s) of Java via the Control Panel > Programs and Features applet.
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)


Please let me know what problem persists with this computer.
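As an added example (not part of the original post, and not FRST's own code), the check below flags service entries like the ALSysIO line in the fixlist above, where the image path sits in a directory an ordinary user can write to, so the same review can be run over service listings from other machines. The line shape, the `review_services` and `image_path` names, the list of writable directories and the `Example*` entries are assumptions of this example.

```python
import re
from typing import List, NamedTuple

# Constructed sample in the "<state><start> <name>; <image path>" shape of the
# fixlist above. Only the ALSysIO line comes from the thread; the Example*
# entries are made up for illustration.
SAMPLE = r"""
R3 ALSysIO; \??\C:\Users\RISE\AppData\Local\Temp\ALSysIO64.sys
R0 ExampleDisk; C:\Windows\System32\drivers\exampledisk.sys
S3 ExampleUpd; "C:\ProgramData\ExampleUpd\upd.sys" -k
R2 ExampleSvc; C:\Program Files\Example\svc.exe
not a service line
"""

# Assumption: a service line is one capital letter plus one digit, the service
# name, a semicolon, then the image path.
SERVICE_LINE = re.compile(r"^(?P<state>[A-Z]\d)\s+(?P<name>[^;]+?);\s*(?P<image>.+)$")

# Heuristic (assumption of this example): directories a standard user can
# normally write to, most specific first.
USER_WRITABLE = (
    ("\\temp\\", "a temp directory"),
    ("\\appdata\\", "per-user AppData"),
    ("\\users\\", "a user profile"),
    ("\\programdata\\", "ProgramData"),
)


class Finding(NamedTuple):
    name: str
    state: str
    path: str
    reason: str


def image_path(raw: str) -> str:
    """Reduce a service image string to a plain file path."""
    raw = raw.strip()
    if raw.startswith('"'):
        raw = raw[1:].split('"', 1)[0]       # quoted path, arguments follow
    else:
        raw = re.sub(r"\s+\[.*$", "", raw)   # drop a trailing "[...]" annotation
    if raw.startswith("\\??\\"):
        raw = raw[4:]                        # NT object-namespace prefix
    return raw


def review_services(listing: str) -> List[Finding]:
    """Return services whose image lives in a user-writable location."""
    findings = []
    for line in listing.splitlines():
        match = SERVICE_LINE.match(line.strip())
        if not match:
            continue
        path = image_path(match.group("image"))
        lowered = path.lower()
        for marker, label in USER_WRITABLE:
            if marker in lowered:
                kind = "kernel driver" if lowered.endswith(".sys") else "service"
                findings.append(Finding(match.group("name").strip(),
                                        match.group("state"), path,
                                        f"{kind} image in {label}"))
                break
    return findings


if __name__ == "__main__":
    for f in review_services(SAMPLE):
        print(f"{f.state} {f.name}: {f.reason} -> {f.path}")
```

A hit is a prompt for review rather than a verdict: check the file's signature and origin before removing the service.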

#5 Arie_Dub


Posted 19 March 2016 - 05:59 AM

Cannot remove:

 

"Remove this program via the Control Panel > Programs and Features applet.
ClearNIcieBrowse (HKLM-x32\...\{604B50C8-59DF-C3D0-EC52-CD17D7D40A30}) (Version: - )"

 

or

 

"Picture Downloader Professional"

 

They both give me the same error when I try:

 

"An error occured while trying to uninstall _______.  It may have been already uninstalled."

 

But it was probably deleted by an anti-virus program.  Just like the "Dropbox Uninstaller" that got renamed then deleted.

That's why I prefer to rename then delete right away. In case it is still needed.

 

These files I cannot delete from my:

 

C:/Users/RISE/AppData/Local/Temp/etilqs_lA7BAaTIST8OcXL

"                                                      "/etilqs_sr3jo6JXFPL13Ov

"                                                      "FXSAPIDebugLogFile.txt

 

Thank You RE

 




#6 nasdaq


Posted 19 March 2016 - 08:28 AM


C:/Users/RISE/AppData/Local/Temp/etilqs_lA7BAaTIST8OcXL
" "/etilqs_sr3jo6JXFPL13Ov
" "FXSAPIDebugLogFile.txt


These files are generated by a program using the SQLite database engine. The etilqs in etilqs_oF0FH4tamunzfdY is lower case SQLite spelled backwards. The rest of the filename is simply randomly selected letters and numbers that attempt to create a unique file name that will not conflict with any previously named file on your system.

You may be able to delete them in Safe mode but I'm sure others will be created by the application.
Nothing to worry about.

=====

These programs have been removed and these entries are still listed in the registry.
ClearNIcieBrowse (HKLM-x32\...\{604B50C8-59DF-C3D0-EC52-CD17D7D40A30}) (Version: - )
Picture Downloader Professional (HKLM-x32\...\{C816B74A-76DD-F936-7C6E-56E2B881B487}) (Version: - )

I can help remove these items.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


If your operating system is 64 bit download this tool:
SystemLook_x64.exe
  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following bold text into the main textfield:
    604B50C8-59DF-C3D0-EC52-CD17D7D40A30
    C816B74A-76DD-F936-7C6E-56E2B881B487
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt.
===

Any remaining issues with this computer?

#7 Arie_Dub


Posted 19 March 2016 - 11:43 PM

I never installed Chrome or use Chrome for that matter!  Was Chrome the "ClearNIcieBrowse"?  I removed the entries from the Reg with CCleaner and ran SystemLook. Thanks RE

 




#8 nasdaq


Posted 20 March 2016 - 07:17 AM


Looking good.

A Google search for ClearNIcieBrowse reports only one instance. It's from your log.
Do not know how it was set on your computer. Possibly by a previous infection.
Nothing is showing in the Registry so you are clean.

===

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide on best security practices to keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#9 Arie_Dub


Posted 20 March 2016 - 03:21 PM

I have two other computers running Win7 64x that had the same infection! All from when I was downloading software to reset my android tab.  I should have a sacrificial computer for that task only.  The infection seemed to have spread within my network. Should I run all the same software on both of those other Win7 64x that were infected with "Alsysio64.sys" & "1394ohci.sys" & post their log files in this thread? Thanks RE



#10 nasdaq


Posted 21 March 2016 - 06:49 AM

We do not give advice on more than one computer per topic.

You will need to create other topics for the compromised computers.
Run the Farbar tool and post in the new topic(s) the FRST and Addition.txt files for review.

p.s.
If the malware spread to your other computer on the network it could mean that your router is infected.
Something to think about.


Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below are lists of default usernames and passwords, in case you don't know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

#11 Arie_Dub


Posted 21 March 2016 - 08:11 PM

Just replaced/upgraded my whole network to a gigabit net at xmas. But one router was a used/clearance item from the store and seemed fine out of the box. I'll do a factory reset and firmware flash/upgrade if possible. I have my parents on my net so they are my major security risk as their computers are the 1's that get infected usually.  Could there also be that new usb autorun firmware virus?  Because when I opened that Android OS Factory Reinstall  for my dad's tablet that was infected, it was like a virus bomb/Trojan Horse, as I detected and removed viruses there was always more hiding in the empty space on my hard drive, recreating, and reinserting itself into the Reg. Thanks RE



#12 nasdaq


Posted 22 March 2016 - 06:49 AM

Download and Run FlashDisinfector just to make sure they are protected.

You may have a flash drive infection. These worms travel through your portable drives. If they have been connected to other machines, they may now be infected.
  • Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
    Note: Some security programs will flag Flash_Disinfector as being some sort of malware, you can safely ignore these warnings
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.
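The placeholder-folder idea in the note above, as an added example that is not part of the original post and not Flash_Disinfector's code: a name already taken by a directory cannot be reused for a file, so an `autorun.inf` file cannot be written beside it. The function names and the scratch directories standing in for drive roots are assumptions of this example, and the `autorun.inf` content is constructed.

```python
import os
import tempfile

# Keys in an autorun.inf that name something to execute.
EXEC_KEYS = ("open", "shellexecute")


def audit_autorun(root: str) -> dict:
    """Classify what sits at <root>/autorun.inf without modifying the drive."""
    target = os.path.join(root, "autorun.inf")
    if os.path.isdir(target):
        return {"status": "placeholder-folder", "commands": []}
    if not os.path.isfile(target):
        return {"status": "absent", "commands": []}
    commands = []
    with open(target, "r", encoding="utf-8", errors="replace") as handle:
        for line in handle:
            key, sep, value = line.partition("=")
            key = key.strip().lower()
            if sep and (key in EXEC_KEYS or key.endswith("\\command")):
                commands.append((key, value.strip()))
    return {"status": "file-present", "commands": commands}


def can_drop_autorun_file(root: str) -> bool:
    """Try to create an autorun.inf file. Only call this on scratch dirs."""
    try:
        with open(os.path.join(root, "autorun.inf"), "w") as handle:
            handle.write("[autorun]\n")
        return True
    except OSError:  # the name is already taken by a directory
        return False


def demo() -> dict:
    """Build three constructed 'drive roots' in a temp dir and audit them."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        clean = os.path.join(base, "clean")
        planted = os.path.join(base, "planted")
        protected = os.path.join(base, "protected")
        for root in (clean, planted, protected):
            os.mkdir(root)
        # Constructed autorun.inf with launch entries, for the audit to report.
        with open(os.path.join(planted, "autorun.inf"), "w") as handle:
            handle.write("[autorun]\nopen=example.exe\n"
                         "shell\\open\\command=example.exe\nicon=x.ico\n")
        os.mkdir(os.path.join(protected, "autorun.inf"))  # the placeholder
        for name, root in (("clean", clean), ("planted", planted),
                           ("protected", protected)):
            results[name] = audit_autorun(root)
        results["protected_blocks_file"] = not can_drop_autorun_file(protected)
        results["clean_blocks_file"] = not can_drop_autorun_file(clean)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The folder only stops code that tries to create the file; it offers nothing against software that deletes or renames the folder first.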

#13 nasdaq


Posted 22 March 2016 - 09:05 AM

Unless you close the topic you started this morning I'm closing this one.

http://www.bleepingcomputer.com/forums/t/608615/alsysio64sys/

#14 Arie_Dub


Posted 23 March 2016 - 04:13 PM

You told me to start another topic for my other computer, so I did!!  I don't see any options to "Close a topic" anywhere!  I just stopped posting on this topic, and you never, or any other moderator responded to that other topic!  That computer u cleaned is reinfected with 'alsysio64.sys' and all I've done with it is scan it and update windows, java, anti-virus, anti-malware! FlashDisinfector does not even install. Thanks RE



#15 nasdaq


Posted 24 March 2016 - 08:15 AM


Sorry, I took for granted that this was just another post for the same computer.
I will take care of the second post right now.

For this computer run this tool.

Please Download and run the ComboFix tool.

How to use ComboFix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Follow the instructions on the page.

Post the content of the C:\ComboFix.txt file for my review.

p.s.
When all is well you can remove the tool by following the Uninstall instructions on the same page.

====



