Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help needed HI.ru


  • Please log in to reply
9 replies to this topic

#1 WhiteKnight4U

WhiteKnight4U

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 03 February 2015 - 03:46 AM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Admin (administrator) on 03-02-2015 at 14:44:56
Running from "C:\Users\Miki\Desktop"
Microsoft Windows 8 Enterprise  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet 2 (Connected)
TAP-Windows Adapter V9 = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : acer
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-4E-8D-F3-89
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 



BC AdBot (Login to Remove)

 


#2 WhiteKnight4U

WhiteKnight4U
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 03 February 2015 - 03:47 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8 Enterprise x64
Ran by Admin on 03/02/2015 at 14:51:38.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu security"



~~~ FireFox

Successfully deleted the following from C:\Users\Miki\AppData\Roaming\mozilla\firefox\profiles\f71iq42u.default\prefs.js

user_pref("CT3289075.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3289075.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3289075.appOptions", "{\"130065467157583925\":{\"render\":true,\"disabled\":true,\"appGuid\":\"2d2f2f16-9432-4890-9f93-624a84cf6261\",\"appClientGuid\":\"\",\"isP
user_pref("CT3289075.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3289075.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3289075.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.utorrent.com%2Fhelp%2Ffaq\",\"EB_MAIN_FRAME_TITLE\":\"General%2
user_pref("CT3289075.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3289075.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3289075.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289075\"}");
user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv6.OurToolbar.com//xpi\"}");
user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v6 \"}");
user_pref("CT3289075.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3289075.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1388285698388,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("extensions.betterff.surfcanyon.ramp.start_time", "1422947461288");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/02/2015 at 14:57:00.32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#3 WhiteKnight4U

WhiteKnight4U
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 03 February 2015 - 03:50 AM

# AdwCleaner v4.109 - Report created 03/02/2015 at 15:19:42
# Updated 24/01/2015 by Xplode
# Database : 2015-02-02.1 [Live]
# Operating System : Windows 8 Enterprise  (64 bits)
# Username : Admin - ACER
# Running from : C:\Users\Miki\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : YahooAUService

***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Mozilla Firefox v33.0.2 (x86 en-US)

[f71iq42u.default\prefs.js] - Line Deleted : user_pref("extensions.betterff.surfcanyon.ramp.start_time", "1422950960407");

-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [7593 octets] - [03/02/2015 14:05:04]
AdwCleaner[R1].txt - [1039 octets] - [03/02/2015 15:01:34]
AdwCleaner[R2].txt - [1160 octets] - [03/02/2015 15:16:43]
AdwCleaner[S0].txt - [7600 octets] - [03/02/2015 14:11:50]
AdwCleaner[S1].txt - [1114 octets] - [03/02/2015 15:05:07]
AdwCleaner[S2].txt - [1095 octets] - [03/02/2015 15:19:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1155 octets] ##########
 


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_02_03_15_27_20
OS: Windows 8 - 64 Bit
Account Name: Admin
U0L0S21

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.35_0\img\signals.whitesmoke.15px.faster.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.35_0\img\signals.whitesmoke.15px.fastest.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.35_0\img\signals.whitesmoke.15px.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.35_0\img\signals.whitesmoke.png
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.40.1_0\img\signals.whitesmoke.15px.faster.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.40.1_0\img\signals.whitesmoke.15px.fastest.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.40.1_0\img\signals.whitesmoke.15px.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.40.1_0\img\signals.whitesmoke.png
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.41_0\img\signals.whitesmoke.15px.faster.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.41_0\img\signals.whitesmoke.15px.fastest.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.41_0\img\signals.whitesmoke.15px.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.41_0\img\signals.whitesmoke.png
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.44_0\img\signals.whitesmoke.15px.faster.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.44_0\img\signals.whitesmoke.15px.fastest.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.44_0\img\signals.whitesmoke.15px.gif
Deleted - File - C:\Users\Miki\Appdata\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.4.44_0\img\signals.whitesmoke.png
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}

\\ Finished
 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 03 February 2015 - 03:52 AM

The minitoolbox log is incomplete. :)



#5 WhiteKnight4U

WhiteKnight4U
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 03 February 2015 - 04:32 AM

 Results of screen317's Security Check version 0.99.96  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Avira Desktop      
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.296  
 Mozilla Firefox 33.0.2 Firefox out of Date!  
 Mozilla Thunderbird 24.5.0 Thunderbird out of Date!  
 Google Chrome (40.0.2214.93)
 Google Chrome (40.0.2214.94)
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

And after this I still have the problem

 

The minitoolbox log is incomplete. :)

OK will run again



#6 WhiteKnight4U

WhiteKnight4U
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 03 February 2015 - 04:34 AM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Admin (administrator) on 03-02-2015 at 16:33:12
Running from "C:\Users\Miki\Desktop"
Microsoft Windows 8 Enterprise  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet 2 (Connected)
TAP-Windows Adapter V9 = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : acer
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-4E-8D-F3-89
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : BC-5F-F4-8D-67-09
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cc82:119:d0a0:eb66%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.33(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 03 February 2015 16:26:21
   Lease Expires . . . . . . . . . . : 03 February 2015 17:26:21
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 297558004
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-FB-3F-E5-00-1F-3A-92-59-8F
   DNS Servers . . . . . . . . . . . : 203.144.206.49
                                       203.144.206.29
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  203-144-206-49.static.asianet.co.th
Address:  203.144.206.49

Name:    google.com
Addresses:  2404:6800:4001:803::1002
      61.91.17.167
      61.91.17.152
      61.91.17.172
      61.91.17.163
      61.91.17.187
      61.91.17.168
      61.91.17.177
      61.91.17.158
      61.91.17.162
      61.91.17.148
      61.91.17.153
      61.91.17.173
      61.91.17.183
      61.91.17.178
      61.91.17.157
      61.91.17.182


Pinging google.com [61.91.17.148] with 32 bytes of data:
Reply from 61.91.17.148: bytes=32 time=10ms TTL=58
Reply from 61.91.17.148: bytes=32 time=9ms TTL=58

Ping statistics for 61.91.17.148:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 10ms, Average = 9ms
Server:  203-144-206-49.static.asianet.co.th
Address:  203.144.206.49

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=297ms TTL=44
Reply from 98.139.183.24: bytes=32 time=293ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 293ms, Maximum = 297ms, Average = 295ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...00 ff 4e 8d f3 89 ......TAP-Windows Adapter V9
 14...bc 5f f4 8d 67 09 ......Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.33     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.33    276
     192.168.1.33  255.255.255.255         On-link      192.168.1.33    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.33    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.33    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.33    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 14    276 fe80::/64                On-link
 14    276 fe80::cc82:119:d0a0:eb66/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/03/2015 03:10:25 PM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 7.0.0.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e3c

Start Time: 01d03f8865dff054

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id: 142fc801-ab7c-11e4-bf0d-bc5ff48d6709

Faulting package full name:

Faulting package-relative application ID:

Error: (02/03/2015 03:03:15 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 33.0.2.5413 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1128

Start Time: 01d03f871b5e735e

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 186a439b-ab7b-11e4-bf0c-bc5ff48d6709

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (02/03/2015 04:26:08 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (02/03/2015 03:36:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/03/2015 03:20:16 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (02/03/2015 03:08:20 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (02/03/2015 03:08:20 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.

Error: (02/03/2015 03:06:04 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.


Microsoft Office Sessions:
=========================
Error: (02/03/2015 03:10:25 PM) (Source: Application Hang)(User: )
Description: Skype.exe7.0.0.102e3c01d03f8865dff0544294967295C:\Program Files (x86)\Skype\Phone\Skype.exe142fc801-ab7c-11e4-bf0d-bc5ff48d6709

Error: (02/03/2015 03:03:15 PM) (Source: Application Hang)(User: )
Description: firefox.exe33.0.2.5413112801d03f871b5e735e4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe186a439b-ab7b-11e4-bf0c-bc5ff48d6709


CodeIntegrity Errors:
===================================
  Date: 2015-02-03 16:26:14.625
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-02-03 15:20:22.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-02-03 15:06:10.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-02-03 14:13:12.377
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-02-03 13:14:21.034
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-01-28 20:05:01.202
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-01-25 06:22:17.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-01-21 20:11:54.582
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-01-20 12:44:15.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

  Date: 2015-01-17 22:37:40.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.



=========================== Installed Programs ============================
7-Zip 9.09 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0909-000001000000}) (Version: 9.09.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Site Submitter 1.0 (HKLM-x32\...\3883.com Advanced Site Submitter_is1) (Version:  - 3883.com)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.10.1045 RC 1, 21.05.2012 - AIMP DevTeam)
Ant Multinator 1C (HKLM-x32\...\{2C409BC6-DE18-4DEB-8455-0BAD317F5F12}) (Version: 1.0.0 - Antification)
Any Audio Converter 4.0.6 (HKLM-x32\...\Any Audio Converter_is1) (Version:  - Any-Audio-Converter.com)
Apowersoft Screen Recorder Pro V1.4.2 (HKLM-x32\...\{BADAA284-1D15-4EBB-B1E5-7C86603CDBBB}_is1) (Version: 1.4.2 - APOWERSOFT LIMITED)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoTrafficAccelerator version 4.5 (HKLM-x32\...\{5CE22D54-6FA4-4687-BC96-52B4D97AA7E3}_is1) (Version: 4.5 - )
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Backblaze (HKLM-x32\...\Backblaze) (Version:  - Backblaze, Inc)
BBC iPlayer Downloads (HKLM-x32\...\{26FB1064-0CC3-49D8-97AB-CAE376428297}) (Version: 1.10.0 - BBC)
BitComet 1.36 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.36 - CometNetwork)
blackMaps version 2.0.7 (HKLM-x32\...\{3035B0FD-3C89-4AA1-9675-1E64343DA535}_is1) (Version: 2.0.7 - botNetworks.com)
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version:  - )
CreativePost (HKLM-x32\...\CreativePost) (Version: 0.6 - UNKNOWN)
CreativePost (x32 Version: 0.6 - UNKNOWN) Hidden
darkNode version 2.0.7 (HKLM-x32\...\{3035B0FD-3C89-4AA1-9675-1E1EB322}_is1) (Version: 2.0.7 - botNetworks.com)
Demon Dialer (HKCU\...\5ddba7d8bc27c341) (Version: 1.0.0.30 - LunchboxCode)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
FileZilla Client 3.8.1 (HKCU\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Foxit Phantom (HKLM-x32\...\Foxit Phantom) (Version: 2.2.3.1112 - Foxit Software Company)
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Fuze Meeting (HKLM-x32\...\{88F800EE-C2E3-49F1-9A61-DB1EE6DD4245}) (Version: 14.1.3326 - Fuze Box, Inc.)
G_Insider 2.0.0.0 (HKLM-x32\...\G_Insider 2.0.0.0) (Version:  - Antification)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 6.4.11.2273 (HKCU\...\GoToMeeting) (Version: 6.4.11.2273 - CitrixOnline)
HMA! Pro VPN 2.8.11.2 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.11.2 - Privax Ltd)
Hot Lead Finder v3.9.14 (HKLM-x32\...\HotProspector) (Version: 3.9.14 - UNKNOWN)
Hot Lead Finder v3.9.14 (x32 Version: 3.9.14 - UNKNOWN) Hidden
Instant Local Leads (HKLM-x32\...\InstantLocalLeads) (Version: 1.0.1 - UNKNOWN)
Instant Local Leads (x32 Version: 1.0.1 - UNKNOWN) Hidden
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
join.me (HKCU\...\JoinMe) (Version: 1.14.0.132 - LogMeIn, Inc.)
Keyword Flood (HKCU\...\27c0c2ae44f417b4) (Version: 1.0.0.4 - Yazobo)
Keyword Ninja 1.0 (HKLM-x32\...\Keyword Ninja_is1) (Version:  - Copyright ฉ 2006 Xybercode, Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Kudani (HKLM-x32\...\com.pageone.Kudani) (Version: 0.1.19 - PageOneTraffic Ltd)
Kudani (x32 Version: 0.1.19 - PageOneTraffic Ltd) Hidden
LINE (HKLM-x32\...\LINE) (Version: 3.9.0.172 - LINE Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Thai) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Thai) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 en-GB)) (Version: 24.5.0 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version:  - )
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
PageOne Curator (HKLM-x32\...\com.pageone.Curator) (Version: 1.3.6 - PageOneTraffic Ltd)
PageOne Curator (x32 Version: 1.3.6 - PageOneTraffic Ltd) Hidden
paint.net (HKLM\...\{87D5082F-F857-40FE-9C8A-3F2B6C39F426}) (Version: 4.0.2 - dotPDN LLC)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power Submitter 10.06 and AOS V2.6 (HKLM-x32\...\{1BEF86D7-F448-407E-88E3-E415EAAC68CD}) (Version: 10.006 - BEcanada-DBSOFTINC)
Rapid Content Wizard - Lightning Edition (HKCU\...\bde661a36b5399bb) (Version: 1.0.0.17 - AGB Marketing Group, LLC)
Rapid Content Wizard (HKCU\...\60edbb69673a22f9) (Version: 1.0.0.7 - Rapid Content Wizard)
RoboForm 7-9-11-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-11-1 - Siber Systems)
Scraper (HKLM-x32\...\Scraper) (Version: 1 - UNKNOWN)
Scraper (x32 Version: 1 - UNKNOWN) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype? 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Start8 (HKLM\...\Start8_is1) (Version: 1.11 - Stardock Software, Inc)
Tube Traffic (HKLM-x32\...\com.tube-traffic.tube-traffic) (Version: 3.0.0.4 - UNKNOWN)
Tube Traffic (x32 Version: 3.0.0 - UNKNOWN) Hidden
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
Video Prospector Pro (HKLM-x32\...\{747232A9-CA27-4A5B-97F8-D44E96025255}) (Version: 2.0.2 - Mark Helton)
Video Prospector Pro (HKLM-x32\...\{BD9D128C-1548-44D4-9D15-E2F9E471D9AE}) (Version: 2.1.7 - Mark Helton)
Video Prospector Pro (HKLM-x32\...\{E957A1F1-DF02-4860-8278-5A684FC57DB2}) (Version: 1.8.8 - Mark Helton)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Your Uninstaller! 2006 Version 5 (HKLM-x32\...\Your Uninstaller! 2006_is1) (Version: 5.0 - URSoft, Inc.)

========================= Devices: ================================

Name: Intel® 82801 PCI Bridge - 244E
Description: Intel® 82801 PCI Bridge - 244E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Intel® 82801G (ICH7 Family) SMBus Controller - 27DA
Description: Intel® 82801G (ICH7 Family) SMBus Controller - 27DA
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:

Name: Generic USB SD Reader USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr

Name: Speakers (2- High Definition Audio Device)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82801GB/GR (ICH7 Family) LPC Interface Controller - 27B8
Description: Intel® 82801GB/GR (ICH7 Family) LPC Interface Controller - 27B8
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: Generic USB CF Reader USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Vimicro USB Camera (Altair)
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo

Name: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic USB SM Reader USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: I:\
Description: USB SM Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFWpdFs

Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport

Name: G:\
Description: USB SD Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFWpdFs

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial

Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic

Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® Pentium® Dual  CPU  E2220  @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Pentium® Dual  CPU  E2220  @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Description: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Foxit Phantom Printer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer:
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D2
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D2
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Speakers (Apowersoft_AudioDevice)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Intel® 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF
Description: Intel® 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: intelide

Name: Printer Port Logical Interface
Description: Printer Port Logical Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Line (Apowersoft_AudioDevice)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:

Name: ATAPI DVD A  DH16A6S ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Generic USB MS Reader USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: ECP Printer Port (LPT1)
Description: ECP Printer Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Parport

Name: Hitachi HDT721032SLA380 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Remote Desktop USB Hub
Description: Remote Desktop USB Hub
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: tsusbhub

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: Intel® 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0
Description: Intel® 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: intelide

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: H:\
Description: USB CF Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFWpdFs

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: SyncMaster 2233SW,SyncMaster Magic CX2233SW(Analog)
Description: SyncMaster 2233SW,SyncMaster Magic CX2233SW(Analog)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: Samsung
Service: monitor

Name: Intel® 4 Series Chipset Processor to I/O Controller - 2E30
Description: Intel® 4 Series Chipset Processor to I/O Controller - 2E30
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Intel® G41 Express Chipset (Microsoft Corporation - WDDM 1.1)
Description: Intel® G41 Express Chipset (Microsoft Corporation - WDDM 1.1)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Microphone (2- High Definition Audio Device)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:

Name: Apowersoft_AudioDevice
Description: Apowersoft_AudioDevice
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Apowersoft_AudioDevice
Service: Apowersoft_AudioDevice

Name: WDC WD20EARX-00ZUDB0 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk


========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3837.08 MB
Available physical RAM: 2326.11 MB
Total Pagefile: 6781.08 MB
Available Pagefile: 4936.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.44 MB

========================= Partitions: =====================================

1 Drive c: (Os) (Fixed) (Total:97.65 GB) (Free:7.9 GB) NTFS
2 Drive d: (data) (Fixed) (Total:1863.01 GB) (Free:673.39 GB) NTFS
3 Drive e: (RobertLeisk) (Fixed) (Total:200.43 GB) (Free:11.96 GB) NTFS

========================= Users: ========================================

User accounts for \\ACER

Admin                    Administrator            Guest                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

03-02-2015 09:23:48 Malwarebytes Anti-Rootkit Restore Point

**** End of log ****
 



#7 WhiteKnight4U

WhiteKnight4U
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 03 February 2015 - 04:38 AM

I have gone though all steps given in the first post and the Hi.ru is still appearing when I load chrome or firefox

 

What else can I do.



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 03 February 2015 - 03:01 PM




Step 1: Malwarebytes Scan.
 
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.
 

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

 
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Copy Paste that saved log to your next reply.

 
Step 2: 9-Lab Scan
 
Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

Install the program onto your computer, then right click the icon RRXH2ZG.jpg run as administrator.

Go to the Update tab and update the program.

ZT1y9rP.png

Now go to the scanner tab and select Full Scan.

k68m97f.png

Upon Scan Completion Click Show Results.

FihDIFx.png

Now click the Clean button.

eCCJKcA.png

Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.
 
 
Step 3: Eset Scan
 
Disable your antivirus prior to running this scan.
 
 
 esetonlinebtn.png
 
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 
Step 4: Hitman Pro Scan
 
 
 
Download Zemana Cloud AntiMalware from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.

http://dl9.zemana.com/download/Products/AntiMalware/Build192/ZemanaAntiMalware.exe          32 bit
http://dl9.zemana.com/download/Products/AntiMalware/Build192/ZemanaAntiMalware_x64.exe  64 bit

Note: If you have used Hitman Pro in the past you will not be able to activate a free license for this product.

Save the file to your desktop.
Right Click and run as administrator.
Click Next to scan for malicious software.
Tick the box that reads. " No I only want to perform a one time scan to check this computer"
0X6Id66.jpg

Hit Next.

ccs6wdZ.png

Upon scan completion. Now click on on save log and save to your desktop. Hit next to activate.

yhKtpGe.png

After you activate, remove malware and post the log created in your next reply.



#9 WhiteKnight4U

WhiteKnight4U
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 05 February 2015 - 11:23 PM

Malwarebytes Anti-Malware Yesterday I started with this program. It caused my computer to crash and took me ages to figure out how to fix as the computer kept going off too quick. I finally disabled it and uninstalled and now its back to normal.

 

Still have the problem with that HI ru



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:19 PM

Posted 06 February 2015 - 07:04 AM

You never explained exactly what the problem was with HI ru...can you do that?

Did you run the other scans or just stop after trying to use Malwarebytes?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users