
Hijacked homepage


14 replies to this topic

#1 PGHinBKK

PGHinBKK

  • Members
  • 339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bangkok, Thailand
  • Local time:08:22 AM

Posted 26 September 2012 - 05:37 AM

Hi all! Just wanted to warn people who, like myself, like to collect movies, music vids and odd stuff from the net. I was searching for a tube-downloader that would work with several tube-type sites, and found one called 'TubeSucker'. This thing has now hijacked my homepage. I have my homepage set to 'Altavista.com', but when I open Firefox it still opens on a site called "th.hao123". It's a Thai site (yes, I live and work in Thailand.)
I've deleted as much of the program as I can find (the Tubesucker program did not install properly and the uninstall function said it would only work if it had).


I ran msconfig and unchecked everything on the startup tab...rebooted into safemode. Ran malwarebytes in safemode. It found nothing, and when I got back into normal mode, the Thai site still has my homepage. The homepage is still listed (in 'Options') as Altavista, but the Thai site is the one that comes up. On 'Uninstall/Delete programs', there is nothing listed with this name.

I ran CCleaner, on both the Windows/internet clean-up mode and the applications, but it didn't help.

Could it be lurking in the Temporary Internet files? I have the latest version of Firefox as my browser (hate it), can you tell me how to get to the temporary internet file folder?

Is there any way to get rid of the last traces of this thing? It's annoying to have my homepage open on a Thai site.

Thanks. Good to be back on this site.
Life is strange......and then there's Thailand....


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:22 PM

Posted 26 September 2012 - 06:41 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safemode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 PGHinBKK

PGHinBKK
  • Topic Starter


Posted 26 September 2012 - 09:37 PM

Narenxp,
Thanks for the prompt reply, it is much appreciated.

I ran the TDSSKiller, it says it found nothing.

Question: the other day I downloaded AVG 2013 (I had been running the 2012)...if I download the Avast AV program, won't they 'clash'?

The ESET online scanner says it could not get the update and asked me if my proxy was configured. I do not use a proxy, just a lanline.

Edited by PGHinBKK, 26 September 2012 - 09:44 PM.

Life is strange......and then there's Thailand....

#4 narenxp


Posted 26 September 2012 - 09:42 PM

This is not avast antivirus. This is an Avast antirootkit tool.

#5 PGHinBKK


Posted 26 September 2012 - 09:50 PM

Narenxp, wow you must be online now. Thanks so much for the quickness of the reply. OK, I'll do that now and re-post shortly. :thumbup2:
Life is strange......and then there's Thailand....

#6 narenxp


Posted 26 September 2012 - 09:52 PM

The ESET online scanner says it could not get the update and asked me if my proxy was configured. I do not use a proxy, just a lanline.


Try to run it in safemode with networking. After finishing ESET scan continue with these scans

Download Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download Junkware removal tool

Launch it and scan should start running. After scan gets completed, post the generated log here.

#7 PGHinBKK


Posted 26 September 2012 - 09:58 PM

Narenxp,

You amaze me....that's a lot of info and advice, thanks very much.

Here's the Avast scan log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-27 09:51:30
-----------------------------
09:51:30.600 OS Version: Windows 6.0.6001 Service Pack 1
09:51:30.600 Number of processors: 2 586 0x170A
09:51:30.600 ComputerName: DAVID-PC UserName: David
09:51:52.265 Initialize success
09:52:19.553 AVAST engine download error: 0
09:52:30.360 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:52:30.365 Disk 0 Vendor: Hitachi_HTS545050B9A300 PB4OC64G Size: 476940MB BusType: 3
09:52:30.385 Disk 0 MBR read successfully
09:52:30.397 Disk 0 MBR scan
09:52:30.402 Disk 0 Windows VISTA default MBR code
09:52:30.416 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238468 MB offset 2048
09:52:30.441 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238469 MB offset 488384512
09:52:30.464 Disk 0 scanning sectors +976769024
09:52:30.536 Disk 0 scanning C:\Windows\system32\drivers
09:52:36.816 Service scanning
09:52:57.783 Modules scanning
09:53:04.334 Disk 0 trace - called modules:
09:53:04.363 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS
09:53:04.377 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b57328]
09:53:04.402 3 CLASSPNP.SYS[85fc3745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84278398]
09:53:04.412 Scan finished successfully
09:53:41.178 Disk 0 MBR has been saved successfully to "C:\software\MBR.dat"
09:53:41.187 The log file has been saved successfully to "C:\software\aswMBR.txt"


Back soon.

OK, here's the FSS scan log:

Farbar Service Scanner Version: 19-09-2012
Ran by David (administrator) on 27-09-2012 at 10:00:36
Running from "C:\software"
Microsoft® Windows Vista Black Edition™ 2009 Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Back soon.

OK, here's the AdwCleaner log...which BTW is one of the fastest programs I've ever seen! Thanks again...

# AdwCleaner v2.003 - Logfile created 09/27/2012 at 10:04:16
# Updated 23/09/2012 by Xplode
# Operating system : Windows Vista ™ Black Edition 2009 Service Pack 1 (32 bits)
# User : David - DAVID-PC
# Boot Mode : Normal
# Running from : C:\software\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mxp7i6km.default\searchplugins\Askcom.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mxp7i6km.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\David\AppData\Local\Conduit
Folder Deleted : C:\Users\David\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\David\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mxp7i6km.default\ConduitCommon
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mxp7i6km.default\CT2830765
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mxp7i6km.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18000

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2830765 --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mxp7i6km.default\prefs.js

Deleted : user_pref("CT2830765..clientLogIsEnabled", false);
Deleted : user_pref("CT2830765..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2830765..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2830765.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2830765.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2830765.AppTrackingLastCheckTime", "Thu Jun 14 2012 19:46:15 GMT+0700 (SE Asia Standard[...]
Deleted : user_pref("CT2830765.CTID", "CT2830765");
Deleted : user_pref("CT2830765.CurrentServerDate", "24-6-2012");
Deleted : user_pref("CT2830765.DSChangedManually", false);
Deleted : user_pref("CT2830765.DSInstall", true);
Deleted : user_pref("CT2830765.DSProtectChoice", true);
Deleted : user_pref("CT2830765.DSProtectCount", 1);
Deleted : user_pref("CT2830765.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2830765.DialogsGetterLastCheckTime", "Sat Jun 23 2012 13:48:01 GMT+0700 (SE Asia Standa[...]
Deleted : user_pref("CT2830765.DownloadReferralCookieData", "");
Deleted : user_pref("CT2830765.FirstServerDate", "6-4-2012");
Deleted : user_pref("CT2830765.FirstTime", true);
Deleted : user_pref("CT2830765.FirstTimeFF3", true);
Deleted : user_pref("CT2830765.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2830765.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2830765.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2830765.HPInstall", true);
Deleted : user_pref("CT2830765.HasUserGlobalKeys", true);
Deleted : user_pref("CT2830765.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2830765.HomepageBeforeUnload", "hxxp://www.altavista.com");
Deleted : user_pref("CT2830765.Initialize", true);
Deleted : user_pref("CT2830765.InitializeCommonPrefs", true);
Deleted : user_pref("CT2830765.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2830765.InstallationId", "ConduitNSISIntegration");
Deleted : user_pref("CT2830765.InstallationType", "ConduitXPEIntegration");
Deleted : user_pref("CT2830765.InstalledDate", "Fri Apr 06 2012 14:49:26 GMT+0700 (SE Asia Standard Time)");
Deleted : user_pref("CT2830765.IsAlertDBUpdated", true);
Deleted : user_pref("CT2830765.IsGrouping", false);
Deleted : user_pref("CT2830765.IsInitSetupIni", true);
Deleted : user_pref("CT2830765.IsMulticommunity", false);
Deleted : user_pref("CT2830765.IsOpenThankYouPage", false);
Deleted : user_pref("CT2830765.IsOpenUninstallPage", true);
Deleted : user_pref("CT2830765.IsProtectorsInit", true);
Deleted : user_pref("CT2830765.LanguagePackLastCheckTime", "Sat Jun 23 2012 13:47:59 GMT+0700 (SE Asia Standar[...]
Deleted : user_pref("CT2830765.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2830765.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2830765.LastLogin_3.10.0.455", "Sun Jun 24 2012 05:48:01 GMT+0700 (SE Asia Standard Tim[...]
Deleted : user_pref("CT2830765.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2830765.Locale", "en-us");
Deleted : user_pref("CT2830765.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2830765.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2830765.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2830765.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2830765.OriginalFirstVersion", "3.10.0.455");
Deleted : user_pref("CT2830765.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2830765.SavedHomepage", "hxxp://www.altavista.com");
Deleted : user_pref("CT2830765.SearchBoxWidth", 127);
Deleted : user_pref("CT2830765.SearchCaption", "Bitlord 1.2 Customized Web Search");
Deleted : user_pref("CT2830765.SearchEngine", "Web%20Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEAR[...]
Deleted : user_pref("CT2830765.SearchEngineBeforeUnload", "Bitlord 1.2 Customized Web Search");
Deleted : user_pref("CT2830765.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2830765.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB6[...]
Deleted : user_pref("CT2830765.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2830765.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2830765.SearchInNewTabLastCheckTime", "Sat Jun 23 2012 13:47:58 GMT+0700 (SE Asia Stand[...]
Deleted : user_pref("CT2830765.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2830765.SearchProtectorEnabled", true);
Deleted : user_pref("CT2830765.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2830765.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2830765.ServiceMapLastCheckTime", "Sat Jun 23 2012 13:47:59 GMT+0700 (SE Asia Standard [...]
Deleted : user_pref("CT2830765.SettingsLastCheckTime", "Sat Jun 23 2012 21:50:54 GMT+0700 (SE Asia Standard Ti[...]
Deleted : user_pref("CT2830765.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2830765.TBHomePageUrl", "hxxp://search.conduit.com/?SSPV=FFOB6&ctid=CT2830765&SearchSou[...]
Deleted : user_pref("CT2830765.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2830765.ThirdPartyComponentsLastCheck", "Thu Jun 14 2012 19:46:02 GMT+0700 (SE Asia Sta[...]
Deleted : user_pref("CT2830765.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2830765.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2830765.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2830765");
Deleted : user_pref("CT2830765.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2830765.UserID", "UN07603068316507544");
Deleted : user_pref("CT2830765.ValidationData_Search", 2);
Deleted : user_pref("CT2830765.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2830765.alertChannelId", "1222832");
Deleted : user_pref("CT2830765.appApproved.129373346914725908", true);
Deleted : user_pref("CT2830765.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2830765.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2830765.globalFirstTimeInfoLastCheckTime", "Thu Jun 14 2012 19:46:04 GMT+0700 (SE Asia [...]
Deleted : user_pref("CT2830765.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2830765.initDone", true);
Deleted : user_pref("CT2830765.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2830765.myStuffEnabled", true);
Deleted : user_pref("CT2830765.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2830765.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2830765.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2830765.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2830765.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2830765.oldAppsList", "129331842495825790,129331842496294546,111,129360156979906390,129[...]
Deleted : user_pref("CT2830765.revertSettingsEnabled", true);
Deleted : user_pref("CT2830765.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2830765.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2830765.testingCtid", "");
Deleted : user_pref("CT2830765.toolbarAppMetaDataLastCheckTime", "Sat Jun 23 2012 13:47:59 GMT+0700 (SE Asia S[...]
Deleted : user_pref("CT2830765.toolbarContextMenuLastCheckTime", "Thu Jun 14 2012 19:46:03 GMT+0700 (SE Asia S[...]
Deleted : user_pref("CT2830765.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?SSPV=FFOB6&ctid=CT283[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Bitlord 1.2 Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2830765/CT2830765[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1222832/1218505/TH", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2830765", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2830765",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\David\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.455");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v213/gadget.html", "[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2830765");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2830765");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2830765");
Deleted : user_pref("CommunityToolbar.globalUserId", "78c7bbae-bc9a-4e91-9815-a85398b2191c");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2830765");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Jun 23 2012 13:48:0[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Jun 23 2012 13:48:07 GMT+070[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Jun 23 2012 13:47:59 GMT+0700 (S[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "5268e7cd-d42f-47b6-a52a-b85be9c87f80");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.altavista.com");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "Bitlord 1.2 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB6&ctid=CT[...]
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B2050f0f3-ceb0-4b65-a6cc-28ca58c09bd8%[...]
Deleted : user_pref("tfp.CT2830765", true);

*************************

AdwCleaner[R1].txt - [15525 octets] - [27/09/2012 10:02:49]
AdwCleaner[R2].txt - [15586 octets] - [27/09/2012 10:04:04]
AdwCleaner[S1].txt - [15766 octets] - [27/09/2012 10:04:16]

########## EOF - C:\AdwCleaner[S1].txt - [15827 octets] ##########


But the th.hao123. still has hold of my homepage... :blink:

Edited by PGHinBKK, 26 September 2012 - 10:12 PM.

Life is strange......and then there's Thailand....
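
Added example (not part of the original posts and not code from AdwCleaner or any other tool named in this thread): a read-only audit of a Firefox prefs.js for the kind of homepage and search entries the log above shows being deleted, listing every watched preference whose URL points somewhere other than the homepage the user expects. The function names, the watched-name pattern and the sample preferences are constructed for illustration; `example.net` hosts are placeholders, and the allowlist uses altavista.com because that is the homepage stated in the thread.

```python
import json
import re
from urllib.parse import urlsplit

# One preference per line:  user_pref("name", value);
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*("(?:[^"\\]|\\.)*")\s*,\s*(.*?)\s*\)\s*;\s*$'
)

# Preference names that decide what opens at startup or where searches go.
# The pattern is an assumption chosen to cover the names seen in the log
# above (keyword.URL, *.SavedHomepage, browser.search.default*) plus
# Firefox's own browser.startup.homepage.
WATCHED = re.compile(r'(homepage|keyword\.url|search\.default|searchengine)', re.I)

# browser.startup.homepage may hold several URLs separated by "|".
URL_RE = re.compile(r'https?://[^\s"|,]+', re.I)


def parse_prefs(text):
    """Return {name: value} for every well-formed user_pref line."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, truncated entries
        try:
            # Names and values are JS literals; strings, booleans and
            # integers are also valid JSON, so json.loads decodes them.
            name = json.loads(m.group(1))
            value = json.loads(m.group(2))
        except ValueError:
            continue
        prefs[name] = value
    return prefs


def host_allowed(host, allowed):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in allowed)


def audit(text, allowed_hosts):
    """Return [(pref_name, host)] for watched prefs pointing off the allowlist."""
    findings = []
    for name, value in sorted(parse_prefs(text).items()):
        if not isinstance(value, str) or not WATCHED.search(name):
            continue
        for url in URL_RE.findall(value):
            host = urlsplit(url).hostname or ""
            if not host_allowed(host, allowed_hosts):
                findings.append((name, host))
    return findings


# Constructed sample input, not taken from the user's machine.
SAMPLE_PREFS = r'''
# Mozilla User Preferences
user_pref("browser.startup.homepage", "http://www.altavista.com|http://start.example.net/?src=hp");
user_pref("browser.startup.page", 1);
user_pref("keyword.URL", "http://search.example.net/results?q=");
user_pref("CommunityToolbar.originalHomepage", "http://www.altavista.com");
user_pref("browser.search.defaultenginename", "Example Web Search");
user_pref("extensions.example.SavedHomepage", "http://www.altavista.com");
user_pref("app.update.enabled", true);
'''

if __name__ == "__main__":
    for pref, host in audit(SAMPLE_PREFS, {"altavista.com"}):
        print(f"{pref}: unexpected host {host}")
```

The same parser works on a `user.js` file in the profile folder, which Firefox reads at startup and which overrides values in prefs.js. An empty result only means these preference files are clean.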

#8 PGHinBKK


Posted 26 September 2012 - 10:30 PM

Here's the JRT log (BTW, another amazingly fast tool)

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.0 (09.26.2012)
OS: Windows Vista ™ Black Edition 2009 x86
Ran by David on Thu 09/27/2012 at 10:24:14.72
Blog: http://thisisudax.blogspot.com
**************************************************************


*** Registry Values:

Successfully deleted: [VALUE] {8c5878d0-6106-423b-aaa8-144c143dbf44} from: hkey_current_user\software\microsoft\internet explorer\urlsearchhooks


*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}

*** Files:

Failed to delete: [FILE-LOCKED!] C:\eula.1028.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1031.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1033.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1036.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1040.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1041.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1042.txt
Failed to delete: [FILE-LOCKED!] C:\eula.2052.txt
Failed to delete: [FILE-LOCKED!] C:\install.res.1028.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1031.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1033.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1036.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1040.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1041.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1042.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.2052.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.3082.dll


*** Folders: 0 Detections

*** Ask Toolbar: - Remnants removed

*** FireFox detected and repaired:

The below lines were deleted from [FF prefs.js]

=============================

=============================

*** Event Viewer Logs - Cleared


**************************************************************
Scan was completed on Thu 09/27/2012 at 10:24:33.25
End of Report

The th.hao123. still has my homepage. I'm going to run the JRT again in safe mode, back soon.
Life is strange......and then there's Thailand....

#9 PGHinBKK


Posted 26 September 2012 - 10:57 PM

Narenxp, here's the JRT log from being run in safe mode...it looks better but the th.hao123. still has my homepage.

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.0 (09.26.2012)
OS: Windows Vista ™ Black Edition 2009 x86
Ran by David on Thu 09/27/2012 at 10:45:22.21
Blog: http://thisisudax.blogspot.com
**************************************************************


*** Registry Values: 0 Detections


*** Registry Keys:

Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}

*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll


*** Folders: 0 Detections


*** Ask Toolbar: - Remnants removed

*** FireFox detected and repaired:

The below lines were deleted from [FF prefs.js]

=============================

=============================

*** Event Viewer Logs - Cleared


**************************************************************
Scan was completed on Thu 09/27/2012 at 10:45:38.78
End of Report

I also ran the other programs again, the AdwareKiller, and the TDSSKiller, but still no luck. :(
Life is strange......and then there's Thailand....

#10 narenxp


Posted 27 September 2012 - 01:05 AM

Please post the logs of malwarebytes, ESET scanner and minitoolbox

Edited by narenxp, 27 September 2012 - 01:05 AM.


#11 PGHinBKK


Posted 27 September 2012 - 05:06 PM

Narenxp,

Here's the minitoolbox log I just got from running in safe mode. As I mentioned the ESET scanner is not working, it cannot connect to get whatever it needs from the net, and my internet connection does not work in safe mode. I just get a message in the browser windows that the server cannot be found.

MiniToolBox by Farbar Version: 23-07-2012
Ran by David (administrator) on 28-09-2012 at 04:54:12
Microsoft® Windows Vista Black Edition™ 2009 Service Pack 1 (X86)
Boot Mode: Minimal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : David-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Unable to contact IP driver, error code 1753,

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/28/2012 04:51:35 AM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: AFD
AVGIDSDriver
AVGIDSShim
Avgldx86
Avgmfx86
Avgtdix
CSC
DfsC
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: Network Location AwarenessNetwork Store Interface Service%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: IP HelperNetwork Store Interface Service%%1068

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31

Error: (09/28/2012 04:52:37 AM) (Source: Service Control Manager) (User: )
Description: WebClientWebDav Client Redirector Driver%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 2.2.0)
2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.42
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Flash Player ActiveX (Version: 9.0.47.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (Version: 1.0.0.38)
Auslogics Registry Cleaner (Version: 2.4)
AVG 2013 (Version: 13.0.2591)
AVG 2013 (Version: 13.0.2677)
AVG 2013 (Version: 2013.0.2677)
Avidemux 2.5 (32-bit) (Version: 2.5.4.7200)
BitLord 2.0
calibre (Version: 0.8.9)
CCleaner (remove only)
Conexant HD Audio (Version: 3.62.0.0)
Debut Video Capture Software
FrostWire 4.20.9 (Version: 4.20.9.0)
HiJackThis (Version: 1.0.0)
HP LaserJet Professional P1100-P1560-P1600 Series
hppLaserJetService (Version: 001.001.0.0)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 2.1.1.0000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
K-Lite Codec Pack 3.9.5 (Full) (Version: 3.9.5)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
Nero Media Player
Prism Video File Converter
RarZilla Free Unrar (Version: 3.30)
Revo Uninstaller 1.94 (Version: 1.94)
SolveigMM AVI Trimmer (Version: 2.0.1108.18)
Spybot - Search & Destroy (Version: 1.6.2)
Star Defender (Version: )
The MagicBook V7
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VLC media player 1.1.8 (Version: 1.1.8)
YTD Video Downloader 3.9
Zipeg (Version: 2.9.3.1253)
Zuma Deluxe RA

========================= Devices: ================================

Name: Video Controller
Description: Video Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Network Controller
Description: Network Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 952.18 MB
Available physical RAM: 642.06 MB
Total Pagefile: 2162.71 MB
Available Pagefile: 1970.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.4 MB

========================= Partitions: =====================================

1 Drive c: (New Volume) (Fixed) (Total:232.88 GB) (Free:171.7 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:130.46 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator David Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

08-09-2012 01:25:08 Scheduled Checkpoint
09-09-2012 12:52:22 Scheduled Checkpoint
10-09-2012 01:17:03 Scheduled Checkpoint
12-09-2012 06:50:02 Scheduled Checkpoint
13-09-2012 03:56:32 Scheduled Checkpoint
13-09-2012 17:00:07 Scheduled Checkpoint
14-09-2012 05:55:03 Device Driver Package Install: Hewlett-Packard, Inc. Universal Serial Bus controllers
14-09-2012 05:56:59 Device Driver Package Install: Marvell Printers
14-09-2012 05:58:09 Device Driver Package Install: Marvell Printers
14-09-2012 05:58:58 Device Driver Package Install: Marvell Printers
14-09-2012 05:59:35 Device Driver Package Install: Hewlett-Packard, Inc. Universal Serial Bus controllers
18-09-2012 11:06:34 Scheduled Checkpoint
19-09-2012 14:44:35 Scheduled Checkpoint
20-09-2012 04:04:29 Scheduled Checkpoint
20-09-2012 17:00:09 Scheduled Checkpoint
21-09-2012 10:29:58 Scheduled Checkpoint
22-09-2012 17:00:14 Scheduled Checkpoint
23-09-2012 17:00:10 Scheduled Checkpoint
24-09-2012 17:00:13 Scheduled Checkpoint
25-09-2012 15:07:13 Scheduled Checkpoint
25-09-2012 22:37:40 Installed AVG 2013
25-09-2012 22:38:33 Removed AVG 2012
25-09-2012 22:39:34 Installed AVG 2013
25-09-2012 22:45:33 Removed AVG 2012
26-09-2012 09:07:42 Revo Uninstaller's restore point - Microsoft Visual C++ 2005 Redistributable
26-09-2012 09:09:25 Removed Microsoft Visual C++ 2005 Redistributable

**** End of log ****

Thanks
Life is strange......and then there's Thailand....

#12 narenxp

  • BC Advisor

Posted 27 September 2012 - 05:07 PM

"Here's the minitoolbox log I just got from running in safe mode. As I mentioned the ESET scanner is not working, it cannot connect to get whatever it needs from the net, and my internet connection does not work in safe mode. I just get a message in the browser windows that the server cannot be found."


You have to boot into safemode with networking and not safemode.

#13 PGHinBKK

  • Topic Starter

Posted 21 October 2012 - 01:31 AM

Narenxp, sorry for the delay. I've never tried booting into safemode that way (no one's ever explained the need to do so) but I'll try it tonight and let you know.

Thanks for your patience.

Edited by PGHinBKK, 21 October 2012 - 01:32 AM.


#14 PGHinBKK

  • Topic Starter

Posted 21 October 2012 - 07:31 AM

Narenxp, here's a MiniToolBox log from just a few minutes ago after booting into SafeMode with Networking:


MiniToolBox by Farbar Version: 23-07-2012
Ran by David (administrator) on 21-10-2012 at 19:15:24
Microsoft® Windows Vista Black Edition™ 2009 Service Pack 1 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : David-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Physical Address. . . . . . . . . : 00-1F-16-C7-01-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a09b:b94c:5bda:76ca%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 21, 2012 7:13:56 PM
Lease Expires . . . . . . . . . . : Monday, October 22, 2012 7:13:56 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{552293CB-DFA1-4E93-99FD-D9CE2F49FDAF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 74.125.135.100
74.125.135.102
74.125.135.138
74.125.135.139
74.125.135.113
74.125.135.101



Pinging google.com [74.125.135.100] with 32 bytes of data:

Reply from 74.125.135.100: bytes=32 time=43ms TTL=50

Reply from 74.125.135.100: bytes=32 time=44ms TTL=50



Ping statistics for 74.125.135.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 43ms, Maximum = 44ms, Average = 43ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=582ms TTL=41

Reply from 72.30.38.140: bytes=32 time=522ms TTL=41



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 522ms, Maximum = 582ms, Average = 552ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 1f 16 c7 01 81 ...... Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{552293CB-DFA1-4E93-99FD-D9CE2F49FDAF}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::a09b:b94c:5bda:76ca/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/21/2012 07:14:18 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/21/2012 06:25:57 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {3ba2926d-6a8f-4a1c-8d89-6f2252c90de2}

Error: (10/16/2012 07:52:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 07:52:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 07:42:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 07:42:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 07:42:30 AM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/15/2012 02:15:57 PM) (Source: Application Error) (User: )
Description: Faulting application RunDLL32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,
process id 0x694, application start time 0xRunDLL32.exe0.

Error: (10/15/2012 01:49:31 PM) (Source: Application Error) (User: )
Description: Faulting application DllHost.exe, version 6.0.6000.16386, time stamp 0x4549b14e, faulting module avisplitter.ax, version 1.0.0.9, time stamp 0x47934008, exception code 0xc000000d, fault offset 0x000220b4,
process id 0x17d0, application start time 0xDllHost.exe0.

Error: (10/15/2012 03:18:00 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 16.0.1.4666, time stamp 0x5076192e, faulting module xul.dll, version 16.0.1.4666, time stamp 0x50761893, exception code 0xc0000005, fault offset 0x000be717,
process id 0x5f4, application start time 0xfirefox.exe0.


System errors:
=============
Error: (10/21/2012 07:15:12 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSDriver
AVGIDSShim
Avgldx86
spldr
Wanarpv6

Error: (10/21/2012 07:15:12 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31

Error: (10/21/2012 07:15:12 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (10/21/2012 07:14:25 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/21/2012 07:14:21 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (10/21/2012 07:14:18 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/21/2012 07:14:09 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/21/2012 07:13:53 PM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .

Error: (10/21/2012 07:13:27 PM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .

Error: (10/21/2012 07:12:22 PM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 2.2.0)
2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.42
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Flash Player ActiveX (Version: 9.0.47.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Altap Salamander 2.54 (Version: 2.54)
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (Version: 1.0.0.38)
Auslogics Registry Cleaner (Version: 2.4)
AVG 2013 (Version: 13.0.2614)
AVG 2013 (Version: 13.0.2741)
AVG 2013 (Version: 2013.0.2741)
Avidemux 2.5 (32-bit) (Version: 2.5.4.7200)
BitLord 2.0
calibre (Version: 0.8.9)
CCleaner (remove only)
Conexant HD Audio (Version: 3.62.0.0)
Debut Video Capture Software
FrostWire 4.20.9 (Version: 4.20.9.0)
HiJackThis (Version: 1.0.0)
HP LaserJet Professional P1100-P1560-P1600 Series
hppLaserJetService (Version: 001.001.0.0)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 2.1.1.0000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
K-Lite Codec Pack 3.9.5 (Full) (Version: 3.9.5)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
Nero Media Player
Prism Video File Converter
RarZilla Free Unrar (Version: 3.30)
Revo Uninstaller 1.94 (Version: 1.94)
SolveigMM AVI Trimmer (Version: 2.0.1108.18)
Spybot - Search & Destroy (Version: 1.6.2)
Star Defender (Version: )
The MagicBook V7
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VLC media player 1.1.8 (Version: 1.1.8)
YTD Video Downloader 3.9
Zipeg (Version: 2.9.3.1253)
Zuma Deluxe RA

========================= Devices: ================================

Name: isatap.{552293CB-DFA1-4E93-99FD-D9CE2F49FDAF}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Standard VGA Graphics Adapter
Description: Standard VGA Graphics Adapter
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: vga

Name: Video Controller
Description: Video Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: ST380215 A USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Conexant High Definition Audio
Description: Conexant High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Conexant
Service: CnxtHdAudService

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1E

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Network Controller
Description: Network Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Video WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929
Description: Intel® ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msahci

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Hitachi HTS545050B9A300 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: HL-DT-ST DVDRAM GT30N ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: ATA Channel 4
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ATA Channel 5
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Extended IO Bus
Description: Extended IO Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: SCSI/RAID Host Controller
Description: SCSI/RAID Host Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: andxkw6u
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Microsoft iSCSI Initiator
Description: Microsoft iSCSI Initiator
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: iScsiPrt

Name: Ancilliary Function Driver for Winsock
Description: Ancilliary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: AVG network filter service
Description: AVG network filter service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgfwfd

Name: AVGIDSDriver
Description: AVGIDSDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSDriver

Name: AVGIDSHX
Description: AVGIDSHX
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSHX

Name: AVGIDSShim
Description: AVGIDSShim
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSShim

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgldx86

Name: AVG Logging Driver
Description: AVG Logging Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avglogx

Name: AVG TDI Driver
Description: AVG TDI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgtdix

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: Crcdisk Filter Driver
Description: Crcdisk Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: crcdisk

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC

Name: BitLocker Drive Encryption Filter Driver
Description: BitLocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MountMgr

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: ISA/EISA Class Driver
Description: ISA/EISA Class Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: netbt

Name: NSI proxy service
Description: NSI proxy service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PSched

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Description: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Smb

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap


========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 952.18 MB
Available physical RAM: 616.4 MB
Total Pagefile: 2160.75 MB
Available Pagefile: 1947.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.38 MB

========================= Partitions: =====================================

1 Drive c: (New Volume) (Fixed) (Total:232.88 GB) (Free:170.44 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:151.28 GB) NTFS
4 Drive f: (David) (Fixed) (Total:35.46 GB) (Free:26.49 GB) NTFS
5 Drive g: (David) (Fixed) (Total:39.06 GB) (Free:3.58 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator David Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

26-09-2012 09:07:42 Revo Uninstaller's restore point - Microsoft Visual C++ 2005 Redistributable
26-09-2012 09:09:25 Removed Microsoft Visual C++ 2005 Redistributable
28-09-2012 00:05:11 Scheduled Checkpoint
29-09-2012 01:46:22 Scheduled Checkpoint
30-09-2012 04:22:08 Scheduled Checkpoint
30-09-2012 18:24:44 Scheduled Checkpoint
01-10-2012 17:00:12 Scheduled Checkpoint
02-10-2012 17:00:16 Scheduled Checkpoint
04-10-2012 03:43:31 Scheduled Checkpoint
05-10-2012 04:44:49 Scheduled Checkpoint
07-10-2012 02:21:41 Scheduled Checkpoint
09-10-2012 16:51:38 Scheduled Checkpoint
10-10-2012 20:12:28 Scheduled Checkpoint
11-10-2012 17:00:19 Scheduled Checkpoint
12-10-2012 10:42:53 Scheduled Checkpoint
13-10-2012 17:00:14 Scheduled Checkpoint
14-10-2012 10:34:37 Scheduled Checkpoint
15-10-2012 17:00:12 Scheduled Checkpoint
16-10-2012 08:14:20 Device Driver Package Install: AVG Technologies Network Service
20-10-2012 17:01:03 Scheduled Checkpoint
21-10-2012 10:26:39 Scheduled Checkpoint
21-10-2012 11:25:58 SPTD setup V1.43

**** End of log ****


Hope this helps. Thanks
Life is strange......and then there's Thailand....

#15 narenxp


Posted 22 October 2012 - 07:16 PM

ESET scanner log?

Reboot into normal mode

Try this

Export your bookmarks from Firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall Firefox

Make sure to checkmark the "Remove my personal data" option

Reinstall Firefox and import your bookmarks

Let me know how it goes

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here



