Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Proxy Set Up Without Knowledge [Solved]

Started by HelpAppreciated , May 18 2014 10:46 AM
proxy

  • This topic is locked This topic is locked
28 replies to this topic

#1 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 18 May 2014 - 10:46 AM

Hello. From time to time I find that my network settings have proxy set to on, but I didn't tick the box for it to be on. I try to put it back to default settings then some time later I find it back to proxy. I do not know if this is a major problem or not, but I would appreciate some help. 

 

Also, I don't know if this information is useful at all but the proxy address was set to 127.0.0.1 and the port was 5060.

 

I installed Hijackthis and here are the results from the log:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:45:42 PM, on 18/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Bozkurt\Desktop\HiJackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by AOL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:5060
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HP Deskjet 3050 J610 series (NET)] "C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN0BO3C29Z05HX:NW" -scfn "HP Deskjet 3050 J610 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [InternetCalls] "C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Monitor Ink Alerts - HP Deskjet 3050 J610 series (Network).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicr...osoft/wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 14326 bytes
 

 


    Advertisements

Register to Remove

#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 May 2014 - 04:36 AM

Hello HelpAppreciated, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.  :)
 
======================================================
 
Important: I have laid out some "ground rules" I would very much appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Ensure you are subscribed to this topic to receive instant email notifications of my responses.
    • ​Scroll to the top of this page and ensure you see the following: 6hgDYJ6.png
    • If you are not set to follow this topic, click the Follow this topic button and follow the prompts.
  • Please attempt to backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.
     

======================================================

 

Please be advised that I am currently in training. My responses will need to be approved by one of our experts before I post them. This is only to ensure you are receiving accurate instructions. I will return as soon as possible. 


  • VigienLen likes this

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#3 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 May 2014 - 09:45 AM

Hello HelpAppreciated
 
Port 5060 is associated with the Session Initiation Protocol. This protocol is utilised by Voice over IP (VoIP) technology. I see you have InternetCalls.com software installed on your computer - this could very well be the cause of the proxy. We will look into this further in due course. 
 
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your desktop.
  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply.
     

======================================================
 
STEP 2
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#4 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 22 May 2014 - 04:24 PM

Hello,

 

Sorry for the late reply. I am scanning now and I will post the results as soon as I can. :)


#5 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 22 May 2014 - 04:26 PM

Here are both the logs:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Bozkurt at 2014-05-22 18:23:53
Running from C:\Users\Bozkurt\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.8.2 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.30739 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.82 - WildTangent) Hidden
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.0827 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.3.0.1415 (HKCU\...\GoToMeeting) (Version: 6.3.0.1415 - CitrixOnline)
Hotspot Shield 3.25 (HKLM-x32\...\HotspotShield) (Version: 3.25 - AnchorFree Inc.)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{6457BD83-98CF-4267-93D7-F173FF3E7C25}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.12 build 707 - Finarea S.A. Switzerland)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java™ 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Java™ SE Development Kit 6 Update 27 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160270}) (Version: 1.6.0.270 - Oracle)
JCreator LE 5.00 (HKLM-x32\...\JCreator LE_is1) (Version:  - Xinox Software)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Media Go (HKLM-x32\...\{5C7025FD-6BD0-4E48-8948-696E26AF6F15}) (Version: 2.5.299 - Sony)
Media Go Video Playback Engine 1.120.107.05010 (HKLM-x32\...\{8227BCD8-AA43-B935-7134-2732A298364A}) (Version: 1.120.107.05010 - Sony)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Minecraft 1.4.5 (HKLM-x32\...\Minecraft 1.4.5) (Version:  - )
MKVToolNix 6.1.0 (HKLM-x32\...\MKVToolNix) (Version: 6.1.0 - Moritz Bunkus)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - )
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - )
Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2013.4.0.10 - Symantec Corporation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Python 3.2 pygame-1.9.2a0 (HKLM-x32\...\{265E2F1D-0025-45DF-B83B-8320466108A8}) (Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.3.201402131509 - Sony Mobile Communications AB)
Sony PC Companion 2.10.188 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{607BE7BF-7C28-4ADB-A4A0-385962B901C3}) (Version: 8.0.28 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.10.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.10 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM-x32\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM-x32\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM-x32\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.80 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
27-04-2014 20:02:09 Scheduled Checkpoint
02-05-2014 14:22:59 Windows Update
06-05-2014 04:52:48 Windows Update
14-05-2014 04:13:30 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {04D45A69-F18E-4AB3-83C7-4A7D3C925512} - System32\Tasks\G2MUpdateTask-S-1-5-21-2475566040-1620998011-1919036322-1001 => C:\Users\Bozkurt\AppData\Local\Citrix\GoToMeeting\1415\g2mupdate.exe [2014-05-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {100F9B1A-9265-4310-A6AB-DA11849A88F9} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-29] (Symantec Corporation)
Task: {37FFFFB7-25F3-4B73-A6A4-6A2214DEFB6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {59D6E228-7964-40B4-8081-371C5966FA53} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {66D3CA70-CFD7-4AF8-8AA7-B1A2CA1E2000} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {7A0EC2A2-F28D-4060-ADBD-2929D39EE6BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19] (Google Inc.)
Task: {9292E921-919E-4EA8-959C-0F0D727C8C4D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {AA8C4CC1-0483-4D47-A757-74DC15508DD0} - System32\Tasks\AdobeAAMUpdater-1.0-Toshiba-PC-Bozkurt => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {CBA78C8A-30C4-4930-9CBC-FCD8DE124701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19] (Google Inc.)
Task: {E1B50712-384E-4792-9822-337CA6FD9B8E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {F2586065-CD72-4B53-8160-FA9B61ABBF5D} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-29] (Symantec Corporation)
Task: {F8A61A84-2750-41D3-AD05-57504BFA3F71} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-11] (Symantec Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2475566040-1620998011-1919036322-1001.job => C:\Users\Bozkurt\AppData\Local\Citrix\GoToMeeting\1415\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-03-14 23:15 - 2012-09-18 15:27 - 00192512 ____N () C:\windows\System32\zlhp1020.dll
2014-02-20 00:00 - 2012-09-18 16:27 - 00065024 _____ () C:\windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-03-14 20:35 - 2014-03-14 20:35 - 00555304 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2010-02-05 21:44 - 2010-02-05 21:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-03-19 14:38 - 2014-03-19 14:38 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-03-19 17:46 - 2014-03-19 17:46 - 00381224 _____ () C:\Program Files (x86)\Hotspot Shield\bin\cmwarchplugin.dll
2014-03-19 13:48 - 2014-03-19 13:48 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2013-06-18 16:06 - 2012-05-30 10:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON IDENTITY SAFE\ENGINE\2013.4.0.10\wincfi39.dll
2014-05-22 18:15 - 2014-05-13 19:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 18:15 - 2014-05-13 19:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 18:15 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 18:15 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 18:15 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-22 18:15 - 2014-05-13 19:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Users^Bozkurt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3050 J610 series.lnk => C:\windows\pss\Monitor Ink Alerts - HP Deskjet 3050 J610 series.lnk.Startup
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\Bozkurt\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: InternetCalls => "C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Teco => "%PROGRAMFILES%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: TosNC => %PROGRAMFILES%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/21/2014 05:16:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000005
Fault offset: 0x00000000000055cf
Faulting process id: 0x6c4
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
 
System errors:
=============
Error: (05/21/2014 05:16:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (05/20/2014 04:03:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/20/2014 04:03:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (05/18/2014 00:00:59 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/16/2014 05:58:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
 
Error: (05/12/2014 08:53:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/12/2014 08:53:16 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (05/11/2014 08:41:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Norton 360 service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (05/11/2014 08:34:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Norton 360 service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (05/11/2014 07:21:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Norton 360 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/21/2014 05:16:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc000000500000000000055cf6c401cf752e31ce55caC:\windows\system32\svchost.exec:\windows\system32\sysmain.dll39a3d9b3-e12d-11e3-8da9-00266c9dd8dc
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/20/2014 04:03:00 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700
 
Error: (05/20/2014 04:02:56 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 56%
Total physical RAM: 3894.84 MB
Available physical RAM: 1698.28 MB
Total Pagefile: 7787.87 MB
Available Pagefile: 5247.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (S3A8573D007) (Fixed) (Total:579.04 GB) (Free:486.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 5EB45491)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=579 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=17)
 
==================== End Of Log ============================
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Bozkurt (administrator) on TOSHIBA-PC on 22-05-2014 18:23:13
Running from C:\Users\Bozkurt\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(InternetCalls) C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
HKU\S-1-5-21-2475566040-1620998011-1919036322-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2475566040-1620998011-1919036322-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-2475566040-1620998011-1919036322-1001\...\Run: [InternetCalls] => C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe [19234632 2013-03-14] (InternetCalls)
HKU\S-1-5-21-2475566040-1620998011-1919036322-1001\...\MountPoints2: {44ecedd2-7254-11e3-a8c3-00266c9dd8dc} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2475566040-1620998011-1919036322-1001\...\MountPoints2: {9514dfcd-8837-11e2-a7b4-00266c9dd8dc} - G:\LaunchU3.exe -a
Startup: C:\Users\Bozkurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050 J610 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050 J610 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
ProxyServer: 127.0.0.1:5060
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aol.com/?ncid=customie9
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7TSCA
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7TSCA
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-01-2013
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7TSCA
SearchScopes: HKCU - DefaultScope {9A24538E-620B-4289-92B8-DDF593A2F0F9} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-01-2013
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...1I7TSCA_enCA519
SearchScopes: HKCU - {9A24538E-620B-4289-92B8-DDF593A2F0F9} URL = http://search.yahoo....p={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 216.8.137.101 216.8.137.100
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1211151.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - E:\Bozkurt\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Bozkurt\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.2.1.33\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.1.7\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.1.7\IPSFF [2014-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.1.7\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.1.7\coFFPlgn\ []
 
Chrome: 
=======
CHR HomePage: hxxp://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ch
CHR StartupUrls: "hxxp://google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Norton Identity Safe) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Extension: (Google Docs) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-19]
CHR Extension: (Google Drive) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-19]
CHR Extension: (Google Search) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-19]
CHR Extension: (AdBlock) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-19]
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-15]
CHR Extension: (Google Wallet) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Hover Zoom) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-08-27]
CHR Extension: (Gmail) - C:\Users\Bozkurt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-19]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-01-19]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-02-23]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx [2012-10-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-26]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  [2014-03-26]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [925480 2014-03-19] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-03-19] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2014-03-14] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.1.7\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-14] (Symantec Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [54984 2014-03-19] (AnchorFree Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.1.7\Definitions\IPSDefs\20140521.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.1.7\Definitions\VirusDefs\20140522.001\ENG64.SYS [126040 2014-05-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.1.7\Definitions\VirusDefs\20140522.001\EX64.SYS [2099288 2014-05-07] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2014-02-11] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\Toshiba\AppData\Local\Temp\ALSysIO64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-22 18:23 - 2014-05-22 18:23 - 00025037 _____ () C:\Users\Bozkurt\Desktop\FRST.txt
2014-05-22 18:22 - 2014-05-22 18:23 - 00000000 ____D () C:\FRST
2014-05-22 18:22 - 2014-05-22 18:22 - 02067456 _____ (Farbar) C:\Users\Bozkurt\Desktop\FRST64.exe
2014-05-20 00:05 - 2014-05-20 01:41 - 00072192 _____ () C:\Users\Bozkurt\Desktop\Section Review Page 240 Exercise 7.xls
2014-05-19 23:30 - 2014-05-20 00:00 - 00010706 _____ () C:\Users\Bozkurt\Desktop\QuizUp-Template.xlsx
2014-05-18 12:36 - 2014-05-18 12:45 - 00014328 _____ () C:\Users\Bozkurt\Desktop\hijackthis.log
2014-05-18 12:29 - 2014-05-18 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bozkurt\Desktop\HiJackThis.exe
2014-05-14 00:18 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-14 00:18 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-14 00:18 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-14 00:18 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-14 00:18 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-14 00:18 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-13 22:20 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-13 22:19 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-13 22:19 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-13 22:19 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-13 22:19 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-13 22:19 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-13 22:19 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-13 22:19 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-13 22:19 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-13 22:19 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-13 22:19 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-13 22:19 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-13 22:19 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-13 22:19 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-13 22:19 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-13 22:19 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-13 22:19 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-13 22:19 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-13 22:19 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-13 22:19 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-13 22:19 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-13 22:19 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-13 22:19 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-13 22:19 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-13 22:19 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-13 22:19 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-13 22:19 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-13 22:19 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-12 08:51 - 2014-05-19 22:31 - 00000000 ____D () C:\Users\Bozkurt\Desktop\Radish Plant Lab
2014-05-09 21:47 - 2014-05-10 06:23 - 00000000 ____D () C:\Users\Bozkurt\Desktop\Certificates
2014-05-08 22:28 - 2014-05-08 22:28 - 11855575 _____ () C:\Users\Bozkurt\Desktop\Chemistry_Tests.zip
2014-05-06 00:53 - 2014-05-14 17:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-04-30 22:56 - 2014-04-30 22:59 - 00191036 _____ () C:\Users\Bozkurt\Desktop\yasinily.pptx
2014-04-30 22:36 - 2014-04-30 22:36 - 02484568 _____ () C:\Users\Bozkurt\Desktop\vote4me4.psd
2014-04-30 22:18 - 2014-04-30 22:18 - 01418728 _____ () C:\Users\Bozkurt\Desktop\vote4me3.psd
2014-04-30 21:35 - 2014-04-30 21:36 - 12146759 _____ () C:\Users\Bozkurt\Desktop\vote4me2.psd
2014-04-30 19:48 - 2014-04-30 20:26 - 09832094 _____ () C:\Users\Bozkurt\Desktop\VoteMePoster.psd
2014-04-30 18:37 - 2014-04-30 18:37 - 00003306 _____ () C:\windows\System32\Tasks\{B042D8D1-A45F-4EE7-98F7-0402F7C4ACFE}
2014-04-22 21:19 - 2014-04-22 21:19 - 00000000 ____D () C:\Users\dub_cm_auto
 
==================== One Month Modified Files and Folders =======
 
2014-05-22 18:23 - 2014-05-22 18:23 - 00025037 _____ () C:\Users\Bozkurt\Desktop\FRST.txt
2014-05-22 18:23 - 2014-05-22 18:22 - 00000000 ____D () C:\FRST
2014-05-22 18:22 - 2014-05-22 18:22 - 02067456 _____ (Farbar) C:\Users\Bozkurt\Desktop\FRST64.exe
2014-05-22 18:12 - 2013-01-19 15:48 - 00000900 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 18:11 - 2014-01-29 18:43 - 00000574 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2475566040-1620998011-1919036322-1001.job
2014-05-22 18:06 - 2012-02-13 16:09 - 01615723 _____ () C:\windows\WindowsUpdate.log
2014-05-22 17:54 - 2013-08-14 21:27 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 17:54 - 2013-01-19 16:47 - 00000000 ____D () C:\Users\Bozkurt\AppData\Local\Adobe
2014-05-22 17:54 - 2013-01-19 15:48 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-21 22:32 - 2012-07-23 11:38 - 00750152 _____ () C:\windows\system32\perfh00C.dat
2014-05-21 22:32 - 2012-07-23 11:38 - 00153852 _____ () C:\windows\system32\perfc00C.dat
2014-05-21 22:32 - 2009-07-14 01:13 - 01668256 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-21 15:59 - 2009-07-14 00:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-21 15:59 - 2009-07-14 00:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-21 15:52 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-20 22:57 - 2013-01-20 18:50 - 00000000 ____D () C:\Users\Bozkurt\AppData\Roaming\Skype
2014-05-20 01:41 - 2014-05-20 00:05 - 00072192 _____ () C:\Users\Bozkurt\Desktop\Section Review Page 240 Exercise 7.xls
2014-05-20 00:00 - 2014-05-19 23:30 - 00010706 _____ () C:\Users\Bozkurt\Desktop\QuizUp-Template.xlsx
2014-05-19 22:31 - 2014-05-12 08:51 - 00000000 ____D () C:\Users\Bozkurt\Desktop\Radish Plant Lab
2014-05-18 12:45 - 2014-05-18 12:36 - 00014328 _____ () C:\Users\Bozkurt\Desktop\hijackthis.log
2014-05-18 12:36 - 2013-01-19 17:39 - 00000000 ____D () C:\Users\Bozkurt\AppData\Local\VirtualStore
2014-05-18 12:29 - 2014-05-18 12:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bozkurt\Desktop\HiJackThis.exe
2014-05-14 22:34 - 2014-01-29 18:43 - 00003608 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2475566040-1620998011-1919036322-1001
2014-05-14 17:19 - 2013-01-19 17:39 - 00000000 ___RD () C:\Users\Bozkurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 17:19 - 2013-01-19 17:39 - 00000000 ___RD () C:\Users\Bozkurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:16 - 2014-05-06 00:53 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-14 00:19 - 2012-02-13 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 22:46 - 2013-08-14 21:27 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 22:46 - 2013-01-19 15:43 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:46 - 2013-01-19 15:43 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-11 21:50 - 2013-01-19 18:12 - 00000000 ____D () C:\Users\Bozkurt\AppData\Local\CrashDumps
2014-05-10 23:47 - 2014-04-19 19:25 - 00000000 ____D () C:\Users\Bozkurt\Desktop\Accounting Hacks
2014-05-10 06:23 - 2014-05-09 21:47 - 00000000 ____D () C:\Users\Bozkurt\Desktop\Certificates
2014-05-09 02:14 - 2014-05-13 22:19 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-13 22:19 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-08 22:28 - 2014-05-08 22:28 - 11855575 _____ () C:\Users\Bozkurt\Desktop\Chemistry_Tests.zip
2014-05-07 16:44 - 2013-01-19 15:48 - 00003896 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 16:44 - 2013-01-19 15:48 - 00003644 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 00:40 - 2014-05-14 00:18 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-14 00:18 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-14 00:18 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-14 00:18 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-14 00:18 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-14 00:18 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-01 22:59 - 2014-03-27 20:15 - 00000000 ____D () C:\Users\Bozkurt\Desktop\Photo Club
2014-04-30 22:59 - 2014-04-30 22:56 - 00191036 _____ () C:\Users\Bozkurt\Desktop\yasinily.pptx
2014-04-30 22:36 - 2014-04-30 22:36 - 02484568 _____ () C:\Users\Bozkurt\Desktop\vote4me4.psd
2014-04-30 22:18 - 2014-04-30 22:18 - 01418728 _____ () C:\Users\Bozkurt\Desktop\vote4me3.psd
2014-04-30 21:36 - 2014-04-30 21:35 - 12146759 _____ () C:\Users\Bozkurt\Desktop\vote4me2.psd
2014-04-30 20:26 - 2014-04-30 19:48 - 09832094 _____ () C:\Users\Bozkurt\Desktop\VoteMePoster.psd
2014-04-30 20:26 - 2013-02-19 01:04 - 00000132 _____ () C:\Users\Bozkurt\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-04-30 18:37 - 2014-04-30 18:37 - 00003306 _____ () C:\windows\System32\Tasks\{B042D8D1-A45F-4EE7-98F7-0402F7C4ACFE}
2014-04-30 18:33 - 2013-01-19 15:43 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-04-22 21:19 - 2014-04-22 21:19 - 00000000 ____D () C:\Users\dub_cm_auto
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-09 20:56
 
==================== End Of Log ============================

#6 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 May 2014 - 08:38 PM

Hello HelpAppreciated, 
 

Sorry for the late reply.

No problem.  :)

 
Please consider/carry out the following: 
 

goGMWSt.gifP2P WARNING

------------------------------

I see you have peer-to-peer (P2P) file sharing software installed on your computer (BitTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infected and infested with malware -wormsbackdoor TrojansIRCBots, and rootkits propagate via P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

Risks of File-Sharing Technology
P2P Software User Advisories
More malware is traveling on P2P networks these days

I suggest you remove any trace of file sharing software from your computer. You can uninstall your P2P file sharing software by:

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall one at a time.
    • BitTorrent
  • Please inform if you decide to uninstall your P2P file sharing software. I will script out any remaining entries not removed.
If you decide against removing your P2P file sharing software, please ensure you refrain from P2P filesharing whilst your computer is being cleaned. Please be aware you may be denied assistance in future if you return with an infected machine having decided against removing your P2P file sharing software.

 

 
Did you install, and do you use Hotspot Shield
I can see InternetCalls.exe is disabled from startup in MSCONFIG. Do you use this programme? If you do, please temporarily refrain from using this it. 
 
I would like you to temporarily disable Hotspot Shield from starting up (using MSCONFIG).

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type msconfig and click OK.
  • If prompted for an administrator password or for confirmation, type the password, or provide confirmation.
  • In the Startup tab, remove the checkmark next to Hotspot Shield.
  • Click OK.
  • If prompted, click Restart. Otherwise, restart your computer manually. 
  • Remove the proxy (if present) and restart your computer once more. 
  • I would like you to monitor your computer, and check to see if the proxy returns or not. Let me know.
     

Where did you get this programme from?

  • reFX Nexus VSTi RTAS v2.2.0
     

Did you install, and do you use this programme?

  • Pando Media Booster
     

Do you recognise these folders?

  • C:\Users\Bozkurt\Desktop\Accounting Hacks
  • C:\Users\Bozkurt\Desktop\Certificates
     

nWhGEI3.png VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\windows\System32\Tasks\{B042D8D1-A45F-4EE7-98F7-0402F7C4ACFE}
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
     

======================================================

pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Has the proxy returned (having disabled Hotspot Shield)?
  • Where did the programme come from?
  • Do you use Pando Media Booster?
  • Do you recognise the folders?
  • VirusTotal results

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#7 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 22 May 2014 - 09:17 PM

Hello there. Thank you for the quick response.

 

  • I infrequently use Hotspot Shield. It did not show up under the start up tab for msconfig, so I cannot do much about that.
  • I cannot guarantee that Internet Calls won't be used since I am not the one who uses it.
  • I rarely use BitTorrent. Even so, I would rather keep it.
  • Nexus is a VST for FL Studio. There should be no problem with this.
  • I wasn't really sure what Pando Media Booster was but apparently it has something to do with the LoL game. I rarely play it but if it comes with the game (and makes it work) I would rather not get rid of it unless it is something serious.
  • Regarding the files, I do know what they are. The one called "Accounting Hacks" is a folder I keep files that help me with my accounting course. Basically they're tips and tricks to succeed in class. The other folder is what it is called, a folder with scanned certificates.
  • Here is the link to the VirusTotal results: https://www.virustot...sis/1400814901/

 

Thanks again!


#8 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 22 May 2014 - 09:34 PM

I was looking through the Farbar log and I saw this:

 

==================== Faulty Device Manager Devices =============
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
If possible, can you explain what this means?

#9 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 22 May 2014 - 10:03 PM

I went ahead and scanned the Pando Media Booter application file on VirusTotal and these were the results: https://www.virustot...sis/1400817421/

 

Is that ok?


#10 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 23 May 2014 - 11:22 AM

Hello HelpAppreciated, 

Thank you for the information and VirusTotal results. 
 
Bar InternetCalls and Hotspot Shield, there is nothing jumping out as the possible cause for the reoccurring proxy. In order to confirm the proxy is created by one of these two programmes, I would like you to temporarily uninstall both during this process (as instructed below).

  • InternetCalls can be reinstalled from here.
  • Hotspot Shield can be reinstalled from here.

If you have yet to do so, please remove the proxy. Monitor your settings and let me know if it returns. The proxy should not return if you have uninstalled both programmes. Once we feel satisfied one of the two programmes above is the cause of the proxy, you can reinstall the programmes. 

 

I would rather not get rid of it unless it is something serious [...] is that ok?

Panda Media Booster may offer or exhibit borderline or questionable behavior. In this case, the programme is known to bundle adware and Potentially Unwanted Programmes (PUPs). As you have already installed, and use the programme, there is no need to remove it. If you do not use the programme then you may wish to uninstall the programme. 
 

If possible, can you explain what this means?

We will get to this in due course. There are a couple of errors that require troubleshooting. Please complete the steps below, and we will move onto troubleshooting the identified errors. 
 
 
STEP 1
EtQetiM.png Remove Software

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall.
    • Hotspot Shield 3.25
    • InternetCalls
  • Follow the prompts.
  • Reboot if necessary.
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [925480 2014-03-19] (AnchorFree Inc.)
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-01-2013
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-01-2013
CHR HomePage: hxxp://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ch
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-02-23]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx [2012-10-16]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]HKLM\...\Run: [] => [X]
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did Hotspot Shield uninstall successfully?
  • Fixlog.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

    Advertisements

Register to Remove

#11 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 23 May 2014 - 02:18 PM

Hello,

 

Both programs seem to have uninstalled successfully. I haven't needed to change the proxy settings back to default since creating this topic. I have a feeling you may be correct in thinking that Internet Calls was the one to create the proxy, but let us proceed just to be sure. :)

 

Here is the requested log:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-05-2014
Ran by Bozkurt at 2014-05-23 16:13:06 Run:1
Running from C:\Users\Bozkurt\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [925480 2014-03-19] (AnchorFree Inc.)
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-01-2013
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=19-01-2013
CHR HomePage: hxxp://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ch
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-02-23]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx [2012-10-16]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]HKLM\...\Run: [] => [X]
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
end
*****************
 
C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe => No running process found
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" => File/Directory not found.
hshld => Service not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key deleted successfully.
HKCR\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key not found.
CHR HomePage: hxxp://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ch ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj => Key deleted successfully.
C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj => Key deleted successfully.
C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk => Key deleted successfully.
C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22] => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove => Key deleted successfully.
 
==== End of Fixlog ====

#12 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 23 May 2014 - 05:27 PM

Hello HelpAppreciated, 
 

I have a feeling you may be correct in thinking that Internet Calls was the one to create the proxy, but let us proceed just to be sure.   :)

Good plan.  :thumbup:  
 
One minor fix which can be done manually, followed by troubleshooting some of the identified errors. 
 
 
STEP 1
U5NwUGc.png Reset Chrome Homepage

  • Type chrome://settings/homePageOverlay into the URL bar. 
  • Delete the current homepage (which was set by Spigot, a company with a dubious reputation).
  • Enter the URL of your desired homepage (eg. http://www.google.ca/ ). 
     

STEP 2
MgeHyNE.png Batch File

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    @echo off
REG EXPORT "HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS" "%userprofile%\desktop\reglook.txt"
notepad "%userprofile%\desktop\reglook.txt"
exit
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file regfind.bat
  • Select All Files as the Save as type.
  • Save the file to your desktop
     
  • Locate regfind.bat iKKSwsh.png (W8/7/Vista) on your desktopDouble-click the icon. 
  • A log (reglook.txt) will open. Copy the contents of the log and paste in your next reply. 
     

STEP 3
MgeHyNE.png System File Checker (SFC)

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    sfc /scannow
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"
"%userprofile%\Desktop\sfcdetails.txt"
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file querysfc.bat
  • Select All Files as the Save as type.
  • Save the file to your desktop
     
  • Locate the querysfc.bat iKKSwsh.png (W8/7/Vista) on your desktopDouble-click the icon. 
  • A log (sfcdetails.txt) will open. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • reglook.txt
  • sfcdetails.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#13 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 23 May 2014 - 09:29 PM

Hello,

 

Whenever I open chrome it goes to Google, so I didn't realize that my home page was set by Spigot. Thanks for that. :)

 

Here is reglook:

 

Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS]
"Dhcpv6DUID"=hex:00,01,00,01,19,14,aa,80,00,26,6c,9d,d8,dc
"EnableICSIPv6"=dword:00000001
"DisabledComponents"=dword:ffffffff
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{016dd1bb-1b07-4de3-a0e4-e43b883a7216}]
"Dhcpv6Iaid"=dword:12000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{022c2ad1-accb-4903-a969-e127030a8c07}]
"Dhcpv6Iaid"=dword:19000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{22d13694-90db-47b8-815d-1b062ff9d042}]
"Dhcpv6Iaid"=dword:09001d09
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{35b2ee0e-f16b-49d5-8896-9f578598a43f}]
"Dhcpv6Iaid"=dword:1f000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{48629f27-1fd5-4ff2-a80e-11d36cc0c5b0}]
"Dhcpv6Iaid"=dword:1e000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{5544df6e-5c90-40af-bc7e-54c74f13deba}]
"Dhcpv6Iaid"=dword:141c659d
"Dhcpv6State"=dword:00000001
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{5e23bf12-e464-4908-94fc-654f644c326d}]
"Dhcpv6Iaid"=dword:20000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{69ce526e-6487-4dbd-8676-e700e2a6d723}]
"Dhcpv6Iaid"=dword:12b482fe
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{730ecda3-d2e3-488c-964f-909230508eb1}]
"Dhcpv6Iaid"=dword:10000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{850cffa2-7fb3-45eb-8621-62e9cba536f2}]
"Dhcpv6Iaid"=dword:1b000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{8f59f557-f55b-4434-890a-0809c47d18f7}]
"Dhcpv6Iaid"=dword:1d1c659d
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{8f8bc50a-db51-43bf-ac2b-895f206c328e}]
"Dhcpv6Iaid"=dword:0e00266c
"Dhcpv6State"=dword:00000001
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Interfaces\{ac049c3c-9b90-41a7-9385-dc5ad3e656f0}]
"Dhcpv6Iaid"=dword:10000000
"Dhcpv6State"=dword:00000000
 
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS\Winsock]
"UseDelayedAcceptance"=dword:00000000
"HelperDllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\
  6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\
  00,77,00,73,00,68,00,69,00,70,00,36,00,2e,00,64,00,6c,00,6c,00,00,00
"MaxSockAddrLength"=dword:0000001c
"MinSockAddrLength"=dword:0000001c
"Mapping"=hex:08,00,00,00,03,00,00,00,17,00,00,00,01,00,00,00,06,00,00,00,17,\
  00,00,00,01,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,06,00,00,00,17,00,\
  00,00,02,00,00,00,11,00,00,00,17,00,00,00,02,00,00,00,00,00,00,00,17,00,00,\
  00,00,00,00,00,11,00,00,00,17,00,00,00,03,00,00,00,ff,00,00,00,17,00,00,00,\
  03,00,00,00,00,00,00,00
 
May I ask, what does this information show you?  :scratch:
 
The following didn't work at first, so I saved the file with ANSI encoding and ran it as administrator. I don't know how it worked, but it did with those settings and then a scan took place. Here is the info from sfcdetails:
 
2014-05-23 22:48:34, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:34, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:37, Info                  CSI    0000000c [SR] Verify complete
2014-05-23 22:48:37, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:37, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:39, Info                  CSI    00000010 [SR] Verify complete
2014-05-23 22:48:39, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:39, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:41, Info                  CSI    00000014 [SR] Verify complete
2014-05-23 22:48:41, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:41, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:43, Info                  CSI    00000018 [SR] Verify complete
2014-05-23 22:48:43, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:43, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:45, Info                  CSI    0000001c [SR] Verify complete
2014-05-23 22:48:45, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:45, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:47, Info                  CSI    00000020 [SR] Verify complete
2014-05-23 22:48:47, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:47, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:50, Info                  CSI    00000024 [SR] Verify complete
2014-05-23 22:48:50, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:50, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:53, Info                  CSI    00000028 [SR] Verify complete
2014-05-23 22:48:54, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:54, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2014-05-23 22:48:57, Info                  CSI    0000002c [SR] Verify complete
2014-05-23 22:48:57, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:48:57, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:00, Info                  CSI    00000030 [SR] Verify complete
2014-05-23 22:49:00, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:00, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:03, Info                  CSI    00000034 [SR] Verify complete
2014-05-23 22:49:03, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:03, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:05, Info                  CSI    00000038 [SR] Verify complete
2014-05-23 22:49:05, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:05, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:08, Info                  CSI    0000003c [SR] Verify complete
2014-05-23 22:49:08, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:08, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:12, Info                  CSI    00000040 [SR] Verify complete
2014-05-23 22:49:12, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:12, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:15, Info                  CSI    00000044 [SR] Verify complete
2014-05-23 22:49:15, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:15, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:18, Info                  CSI    00000048 [SR] Verify complete
2014-05-23 22:49:18, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:18, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:20, Info                  CSI    0000004c [SR] Verify complete
2014-05-23 22:49:20, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:20, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:25, Info                  CSI    00000051 [SR] Verify complete
2014-05-23 22:49:25, Info                  CSI    00000052 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:25, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:31, Info                  CSI    00000055 [SR] Verify complete
2014-05-23 22:49:31, Info                  CSI    00000056 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:31, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:36, Info                  CSI    0000005c [SR] Verify complete
2014-05-23 22:49:36, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:36, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:40, Info                  CSI    00000060 [SR] Verify complete
2014-05-23 22:49:40, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:40, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:44, Info                  CSI    00000066 [SR] Verify complete
2014-05-23 22:49:45, Info                  CSI    00000067 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:45, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:49, Info                  CSI    0000006a [SR] Verify complete
2014-05-23 22:49:49, Info                  CSI    0000006b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:49, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2014-05-23 22:49:55, Info                  CSI    0000008e [SR] Verify complete
2014-05-23 22:49:56, Info                  CSI    0000008f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:49:56, Info                  CSI    00000090 [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:01, Info                  CSI    00000095 [SR] Verify complete
2014-05-23 22:50:01, Info                  CSI    00000096 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:01, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:07, Info                  CSI    00000099 [SR] Verify complete
2014-05-23 22:50:07, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:07, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:11, Info                  CSI    0000009d [SR] Verify complete
2014-05-23 22:50:11, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:11, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:16, Info                  CSI    000000a1 [SR] Verify complete
2014-05-23 22:50:16, Info                  CSI    000000a2 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:16, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:21, Info                  CSI    000000a5 [SR] Verify complete
2014-05-23 22:50:21, Info                  CSI    000000a6 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:21, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:26, Info                  CSI    000000a9 [SR] Verify complete
2014-05-23 22:50:26, Info                  CSI    000000aa [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:26, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:29, Info                  CSI    000000ad [SR] Verify complete
2014-05-23 22:50:30, Info                  CSI    000000ae [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:30, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:36, Info                  CSI    000000b1 [SR] Verify complete
2014-05-23 22:50:36, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:36, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:47, Info                  CSI    000000e3 [SR] Verify complete
2014-05-23 22:50:47, Info                  CSI    000000e4 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:47, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2014-05-23 22:50:55, Info                  CSI    000000e7 [SR] Verify complete
2014-05-23 22:50:55, Info                  CSI    000000e8 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:50:55, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:10, Info                  CSI    000000eb [SR] Verify complete
2014-05-23 22:51:10, Info                  CSI    000000ec [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:10, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:19, Info                  CSI    000000f1 [SR] Verify complete
2014-05-23 22:51:19, Info                  CSI    000000f2 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:19, Info                  CSI    000000f3 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:23, Info                  CSI    000000f5 [SR] Verify complete
2014-05-23 22:51:23, Info                  CSI    000000f6 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:23, Info                  CSI    000000f7 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:26, Info                  CSI    000000f9 [SR] Verify complete
2014-05-23 22:51:26, Info                  CSI    000000fa [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:26, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:28, Info                  CSI    000000fd [SR] Verify complete
2014-05-23 22:51:28, Info                  CSI    000000fe [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:28, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:31, Info                  CSI    00000101 [SR] Verify complete
2014-05-23 22:51:31, Info                  CSI    00000102 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:31, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:40, Info                  CSI    00000116 [SR] Verify complete
2014-05-23 22:51:40, Info                  CSI    00000117 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:40, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:44, Info                  CSI    0000011a [SR] Verify complete
2014-05-23 22:51:44, Info                  CSI    0000011b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:44, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:46, Info                  CSI    0000011e [SR] Verify complete
2014-05-23 22:51:46, Info                  CSI    0000011f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:46, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:50, Info                  CSI    00000122 [SR] Verify complete
2014-05-23 22:51:51, Info                  CSI    00000123 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:51, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-05-23 22:51:55, Info                  CSI    00000126 [SR] Verify complete
2014-05-23 22:51:55, Info                  CSI    00000127 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:51:55, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:01, Info                  CSI    0000012b [SR] Verify complete
2014-05-23 22:52:01, Info                  CSI    0000012c [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:01, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:10, Info                  CSI    00000130 [SR] Verify complete
2014-05-23 22:52:10, Info                  CSI    00000131 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:10, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:14, Info                  CSI    00000134 [SR] Verify complete
2014-05-23 22:52:14, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:14, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:17, Info                  CSI    00000138 [SR] Verify complete
2014-05-23 22:52:18, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:18, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:20, Info                  CSI    0000013b [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\windows\System32"\[l:24{12}]"lpremove.exe" from store
2014-05-23 22:52:21, Info                  CSI    0000013d [SR] Verify complete
2014-05-23 22:52:21, Info                  CSI    0000013e [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:21, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:28, Info                  CSI    00000141 [SR] Verify complete
2014-05-23 22:52:28, Info                  CSI    00000142 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:28, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:33, Info                  CSI    00000145 [SR] Verify complete
2014-05-23 22:52:34, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:34, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2014-05-23 22:52:42, Info                  CSI    00000149 [SR] Verify complete
2014-05-23 22:52:42, Info                  CSI    0000014a [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:52:42, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2014-05-23 22:53:04, Info                  CSI    0000014d [SR] Verify complete
2014-05-23 22:53:04, Info                  CSI    0000014e [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:53:04, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2014-05-23 22:53:14, Info                  CSI    00000167 [SR] Verify complete
2014-05-23 22:53:14, Info                  CSI    00000168 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:53:14, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2014-05-23 22:53:21, Info                  CSI    0000016b [SR] Verify complete
2014-05-23 22:53:21, Info                  CSI    0000016c [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:53:21, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2014-05-23 22:53:29, Info                  CSI    0000016f [SR] Verify complete
2014-05-23 22:53:29, Info                  CSI    00000170 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:53:29, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2014-05-23 22:53:45, Info                  CSI    00000173 [SR] Verify complete
2014-05-23 22:53:46, Info                  CSI    00000174 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:53:46, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2014-05-23 22:53:57, Info                  CSI    00000178 [SR] Verify complete
2014-05-23 22:53:57, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:53:57, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:04, Info                  CSI    0000017c [SR] Verify complete
2014-05-23 22:54:04, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:04, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:13, Info                  CSI    00000180 [SR] Verify complete
2014-05-23 22:54:13, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:13, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:20, Info                  CSI    00000184 [SR] Verify complete
2014-05-23 22:54:20, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:20, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:26, Info                  CSI    00000188 [SR] Verify complete
2014-05-23 22:54:27, Info                  CSI    00000189 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:27, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:30, Info                  CSI    0000018c [SR] Verify complete
2014-05-23 22:54:31, Info                  CSI    0000018d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:31, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:36, Info                  CSI    00000192 [SR] Verify complete
2014-05-23 22:54:37, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:37, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:42, Info                  CSI    00000196 [SR] Verify complete
2014-05-23 22:54:42, Info                  CSI    00000197 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:42, Info                  CSI    00000198 [SR] Beginning Verify and Repair transaction
2014-05-23 22:54:59, Info                  CSI    0000019a [SR] Verify complete
2014-05-23 22:54:59, Info                  CSI    0000019b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:54:59, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:06, Info                  CSI    0000019f [SR] Verify complete
2014-05-23 22:55:06, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:06, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:12, Info                  CSI    000001a3 [SR] Verify complete
2014-05-23 22:55:12, Info                  CSI    000001a4 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:12, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:17, Info                  CSI    000001a8 [SR] Verify complete
2014-05-23 22:55:17, Info                  CSI    000001a9 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:17, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:23, Info                  CSI    000001ac [SR] Verify complete
2014-05-23 22:55:23, Info                  CSI    000001ad [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:23, Info                  CSI    000001ae [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:32, Info                  CSI    000001b1 [SR] Verify complete
2014-05-23 22:55:32, Info                  CSI    000001b2 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:32, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:39, Info                  CSI    000001b5 [SR] Verify complete
2014-05-23 22:55:39, Info                  CSI    000001b6 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:39, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:44, Info                  CSI    000001b9 [SR] Verify complete
2014-05-23 22:55:44, Info                  CSI    000001ba [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:44, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:51, Info                  CSI    000001bd [SR] Verify complete
2014-05-23 22:55:51, Info                  CSI    000001be [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:51, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction
2014-05-23 22:55:55, Info                  CSI    000001c1 [SR] Verify complete
2014-05-23 22:55:56, Info                  CSI    000001c2 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:55:56, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:01, Info                  CSI    000001c6 [SR] Verify complete
2014-05-23 22:56:01, Info                  CSI    000001c7 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:01, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:09, Info                  CSI    000001ca [SR] Verify complete
2014-05-23 22:56:09, Info                  CSI    000001cb [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:09, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:13, Info                  CSI    000001ce [SR] Verify complete
2014-05-23 22:56:13, Info                  CSI    000001cf [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:13, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:21, Info                  CSI    000001d3 [SR] Verify complete
2014-05-23 22:56:21, Info                  CSI    000001d4 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:21, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:28, Info                  CSI    000001d8 [SR] Verify complete
2014-05-23 22:56:28, Info                  CSI    000001d9 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:28, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:35, Info                  CSI    000001de [SR] Verify complete
2014-05-23 22:56:35, Info                  CSI    000001df [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:35, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:41, Info                  CSI    000001e3 [SR] Verify complete
2014-05-23 22:56:41, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:41, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:49, Info                  CSI    000001e7 [SR] Verify complete
2014-05-23 22:56:49, Info                  CSI    000001e8 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:49, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2014-05-23 22:56:56, Info                  CSI    000001ec [SR] Verify complete
2014-05-23 22:56:57, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:56:57, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:03, Info                  CSI    000001f0 [SR] Verify complete
2014-05-23 22:57:03, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:03, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:05, Info                  CSI    000001f4 [SR] Cannot repair member file [l:22{11}]"vcomp90.dll" of Microsoft.VC90.OpenMP, Version = 9.0.30729.6161, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:1fc8b3b9a1e18e3b}, Type = [l:10{5}]"win32", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-05-23 22:57:08, Info                  CSI    000001f6 [SR] Verify complete
2014-05-23 22:57:08, Info                  CSI    000001f7 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:08, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:10, Info                  CSI    000001fa [SR] Verify complete
2014-05-23 22:57:10, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:10, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:15, Info                  CSI    000001fe [SR] Verify complete
2014-05-23 22:57:15, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:15, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:20, Info                  CSI    00000202 [SR] Verify complete
2014-05-23 22:57:20, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:20, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:26, Info                  CSI    00000206 [SR] Verify complete
2014-05-23 22:57:26, Info                  CSI    00000207 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:26, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:31, Info                  CSI    0000020a [SR] Verify complete
2014-05-23 22:57:31, Info                  CSI    0000020b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:31, Info                  CSI    0000020c [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:34, Info                  CSI    0000020e [SR] Verify complete
2014-05-23 22:57:34, Info                  CSI    0000020f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:34, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:40, Info                  CSI    00000212 [SR] Verify complete
2014-05-23 22:57:40, Info                  CSI    00000213 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:40, Info                  CSI    00000214 [SR] Beginning Verify and Repair transaction
2014-05-23 22:57:50, Info                  CSI    00000216 [SR] Verify complete
2014-05-23 22:57:50, Info                  CSI    00000217 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:57:50, Info                  CSI    00000218 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:01, Info                  CSI    0000021a [SR] Verify complete
2014-05-23 22:58:01, Info                  CSI    0000021b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:01, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:18, Info                  CSI    0000021e [SR] Verify complete
2014-05-23 22:58:18, Info                  CSI    0000021f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:18, Info                  CSI    00000220 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:23, Info                  CSI    00000222 [SR] Verify complete
2014-05-23 22:58:23, Info                  CSI    00000223 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:23, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:29, Info                  CSI    00000226 [SR] Verify complete
2014-05-23 22:58:30, Info                  CSI    00000227 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:30, Info                  CSI    00000228 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:34, Info                  CSI    0000022a [SR] Verify complete
2014-05-23 22:58:34, Info                  CSI    0000022b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:34, Info                  CSI    0000022c [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:37, Info                  CSI    0000022e [SR] Verify complete
2014-05-23 22:58:37, Info                  CSI    0000022f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:37, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:40, Info                  CSI    00000232 [SR] Verify complete
2014-05-23 22:58:41, Info                  CSI    00000233 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:41, Info                  CSI    00000234 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:44, Info                  CSI    00000236 [SR] Verify complete
2014-05-23 22:58:44, Info                  CSI    00000237 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:44, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:48, Info                  CSI    0000023a [SR] Verify complete
2014-05-23 22:58:48, Info                  CSI    0000023b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:48, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:54, Info                  CSI    0000023e [SR] Verify complete
2014-05-23 22:58:54, Info                  CSI    0000023f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:54, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:56, Info                  CSI    00000242 [SR] Verify complete
2014-05-23 22:58:56, Info                  CSI    00000243 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:56, Info                  CSI    00000244 [SR] Beginning Verify and Repair transaction
2014-05-23 22:58:57, Info                  CSI    00000246 [SR] Verify complete
2014-05-23 22:58:57, Info                  CSI    00000247 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:58:57, Info                  CSI    00000248 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:03, Info                  CSI    00000250 [SR] Verify complete
2014-05-23 22:59:03, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:03, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:07, Info                  CSI    00000254 [SR] Verify complete
2014-05-23 22:59:07, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:07, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:11, Info                  CSI    00000258 [SR] Verify complete
2014-05-23 22:59:11, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:11, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:14, Info                  CSI    0000025c [SR] Verify complete
2014-05-23 22:59:14, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:14, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:18, Info                  CSI    00000260 [SR] Verify complete
2014-05-23 22:59:18, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:18, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:22, Info                  CSI    00000264 [SR] Verify complete
2014-05-23 22:59:22, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:22, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:30, Info                  CSI    00000269 [SR] Verify complete
2014-05-23 22:59:30, Info                  CSI    0000026a [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:30, Info                  CSI    0000026b [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:36, Info                  CSI    0000026d [SR] Verify complete
2014-05-23 22:59:36, Info                  CSI    0000026e [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:36, Info                  CSI    0000026f [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:39, Info                  CSI    00000271 [SR] Verify complete
2014-05-23 22:59:39, Info                  CSI    00000272 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:39, Info                  CSI    00000273 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:43, Info                  CSI    00000275 [SR] Verify complete
2014-05-23 22:59:43, Info                  CSI    00000276 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:43, Info                  CSI    00000277 [SR] Beginning Verify and Repair transaction
2014-05-23 22:59:55, Info                  CSI    0000027c [SR] Verify complete
2014-05-23 22:59:55, Info                  CSI    0000027d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 22:59:55, Info                  CSI    0000027e [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:07, Info                  CSI    00000282 [SR] Verify complete
2014-05-23 23:00:07, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:07, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:14, Info                  CSI    00000288 [SR] Verify complete
2014-05-23 23:00:15, Info                  CSI    00000289 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:15, Info                  CSI    0000028a [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:22, Info                  CSI    00000292 [SR] Verify complete
2014-05-23 23:00:22, Info                  CSI    00000293 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:22, Info                  CSI    00000294 [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:31, Info                  CSI    0000029b [SR] Verify complete
2014-05-23 23:00:31, Info                  CSI    0000029c [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:31, Info                  CSI    0000029d [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:39, Info                  CSI    000002a6 [SR] Verify complete
2014-05-23 23:00:39, Info                  CSI    000002a7 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:39, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:44, Info                  CSI    000002aa [SR] Verify complete
2014-05-23 23:00:45, Info                  CSI    000002ab [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:45, Info                  CSI    000002ac [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:50, Info                  CSI    000002b0 [SR] Verify complete
2014-05-23 23:00:51, Info                  CSI    000002b1 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:51, Info                  CSI    000002b2 [SR] Beginning Verify and Repair transaction
2014-05-23 23:00:56, Info                  CSI    000002b4 [SR] Verify complete
2014-05-23 23:00:56, Info                  CSI    000002b5 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:00:56, Info                  CSI    000002b6 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:02, Info                  CSI    000002be [SR] Verify complete
2014-05-23 23:01:02, Info                  CSI    000002bf [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:02, Info                  CSI    000002c0 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:10, Info                  CSI    000002df [SR] Verify complete
2014-05-23 23:01:10, Info                  CSI    000002e0 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:10, Info                  CSI    000002e1 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:15, Info                  CSI    000002e3 [SR] Verify complete
2014-05-23 23:01:15, Info                  CSI    000002e4 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:15, Info                  CSI    000002e5 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:20, Info                  CSI    000002e7 [SR] Verify complete
2014-05-23 23:01:20, Info                  CSI    000002e8 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:20, Info                  CSI    000002e9 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:26, Info                  CSI    000002eb [SR] Verify complete
2014-05-23 23:01:26, Info                  CSI    000002ec [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:26, Info                  CSI    000002ed [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:30, Info                  CSI    000002ef [SR] Verify complete
2014-05-23 23:01:30, Info                  CSI    000002f0 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:30, Info                  CSI    000002f1 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:36, Info                  CSI    00000301 [SR] Verify complete
2014-05-23 23:01:37, Info                  CSI    00000302 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:37, Info                  CSI    00000303 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:47, Info                  CSI    00000305 [SR] Verify complete
2014-05-23 23:01:47, Info                  CSI    00000306 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:47, Info                  CSI    00000307 [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:51, Info                  CSI    0000030b [SR] Verify complete
2014-05-23 23:01:51, Info                  CSI    0000030c [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:51, Info                  CSI    0000030d [SR] Beginning Verify and Repair transaction
2014-05-23 23:01:58, Info                  CSI    00000319 [SR] Verify complete
2014-05-23 23:01:58, Info                  CSI    0000031a [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:01:58, Info                  CSI    0000031b [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:01, Info                  CSI    0000031d [SR] Verify complete
2014-05-23 23:02:01, Info                  CSI    0000031e [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:01, Info                  CSI    0000031f [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:07, Info                  CSI    00000321 [SR] Verify complete
2014-05-23 23:02:07, Info                  CSI    00000322 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:07, Info                  CSI    00000323 [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:13, Info                  CSI    00000326 [SR] Verify complete
2014-05-23 23:02:13, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:13, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:17, Info                  CSI    0000032a [SR] Verify complete
2014-05-23 23:02:17, Info                  CSI    0000032b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:17, Info                  CSI    0000032c [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:19, Info                  CSI    0000032e [SR] Verify complete
2014-05-23 23:02:19, Info                  CSI    0000032f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:19, Info                  CSI    00000330 [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:26, Info                  CSI    00000332 [SR] Verify complete
2014-05-23 23:02:26, Info                  CSI    00000333 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:26, Info                  CSI    00000334 [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:31, Info                  CSI    00000336 [SR] Verify complete
2014-05-23 23:02:31, Info                  CSI    00000337 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:31, Info                  CSI    00000338 [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:36, Info                  CSI    0000033a [SR] Verify complete
2014-05-23 23:02:36, Info                  CSI    0000033b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:36, Info                  CSI    0000033c [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:44, Info                  CSI    00000356 [SR] Verify complete
2014-05-23 23:02:44, Info                  CSI    00000357 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:44, Info                  CSI    00000358 [SR] Beginning Verify and Repair transaction
2014-05-23 23:02:50, Info                  CSI    0000035a [SR] Verify complete
2014-05-23 23:02:50, Info                  CSI    0000035b [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:02:50, Info                  CSI    0000035c [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:04, Info                  CSI    0000035e [SR] Verify complete
2014-05-23 23:03:04, Info                  CSI    0000035f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:04, Info                  CSI    00000360 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:08, Info                  CSI    00000362 [SR] Verify complete
2014-05-23 23:03:08, Info                  CSI    00000363 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:08, Info                  CSI    00000364 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:13, Info                  CSI    00000366 [SR] Verify complete
2014-05-23 23:03:13, Info                  CSI    00000367 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:13, Info                  CSI    00000368 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:17, Info                  CSI    0000036b [SR] Verify complete
2014-05-23 23:03:17, Info                  CSI    0000036c [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:17, Info                  CSI    0000036d [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:20, Info                  CSI    00000370 [SR] Verify complete
2014-05-23 23:03:21, Info                  CSI    00000371 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:21, Info                  CSI    00000372 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:25, Info                  CSI    00000374 [SR] Verify complete
2014-05-23 23:03:25, Info                  CSI    00000375 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:25, Info                  CSI    00000376 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:29, Info                  CSI    00000378 [SR] Verify complete
2014-05-23 23:03:29, Info                  CSI    00000379 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:29, Info                  CSI    0000037a [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:34, Info                  CSI    0000037c [SR] Verify complete
2014-05-23 23:03:34, Info                  CSI    0000037d [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:34, Info                  CSI    0000037e [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:39, Info                  CSI    00000380 [SR] Verify complete
2014-05-23 23:03:39, Info                  CSI    00000381 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:39, Info                  CSI    00000382 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:44, Info                  CSI    00000385 [SR] Verify complete
2014-05-23 23:03:44, Info                  CSI    00000386 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:44, Info                  CSI    00000387 [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:48, Info                  CSI    00000389 [SR] Verify complete
2014-05-23 23:03:48, Info                  CSI    0000038a [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:48, Info                  CSI    0000038b [SR] Beginning Verify and Repair transaction
2014-05-23 23:03:52, Info                  CSI    0000038e [SR] Verify complete
2014-05-23 23:03:52, Info                  CSI    0000038f [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:03:52, Info                  CSI    00000390 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:00, Info                  CSI    00000392 [SR] Verify complete
2014-05-23 23:04:00, Info                  CSI    00000393 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:04:00, Info                  CSI    00000394 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:06, Info                  CSI    00000396 [SR] Verify complete
2014-05-23 23:04:06, Info                  CSI    00000397 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:04:06, Info                  CSI    00000398 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:15, Info                  CSI    0000039b [SR] Verify complete
2014-05-23 23:04:15, Info                  CSI    0000039c [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:04:15, Info                  CSI    0000039d [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:19, Info                  CSI    0000039f [SR] Verify complete
2014-05-23 23:04:19, Info                  CSI    000003a0 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:04:19, Info                  CSI    000003a1 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:26, Info                  CSI    000003a3 [SR] Verify complete
2014-05-23 23:04:26, Info                  CSI    000003a4 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:04:26, Info                  CSI    000003a5 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:31, Info                  CSI    000003a7 [SR] Verify complete
2014-05-23 23:04:31, Info                  CSI    000003a8 [SR] Verifying 100 (0x0000000000000064) components
2014-05-23 23:04:31, Info                  CSI    000003a9 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:37, Info                  CSI    000003ab [SR] Verify complete
2014-05-23 23:04:37, Info                  CSI    000003ac [SR] Verifying 39 (0x0000000000000027) components
2014-05-23 23:04:37, Info                  CSI    000003ad [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:39, Info                  CSI    000003af [SR] Verify complete
2014-05-23 23:04:39, Info                  CSI    000003b0 [SR] Repairing 2 components
2014-05-23 23:04:39, Info                  CSI    000003b1 [SR] Beginning Verify and Repair transaction
2014-05-23 23:04:39, Info                  CSI    000003b3 [SR] Cannot repair member file [l:22{11}]"vcomp90.dll" of Microsoft.VC90.OpenMP, Version = 9.0.30729.6161, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:1fc8b3b9a1e18e3b}, Type = [l:10{5}]"win32", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-05-23 23:04:39, Info                  CSI    000003b4 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\windows\System32"\[l:24{12}]"lpremove.exe" from store
2014-05-23 23:04:39, Info                  CSI    000003b6 [SR] Repair complete
2014-05-23 23:04:39, Info                  CSI    000003b7 [SR] Committing transaction
2014-05-23 23:04:39, Info                  CSI    000003bb [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
 
What does this help you with?
 
It would be interesting to know what the combination of these letters and numbers mean. :)

#14 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 24 May 2014 - 05:59 PM

Hello HelpAppreciated, 
 

May I ask, what does this information show you?    :scratch:

Internet Protocol version 6 (IPv6) is a mandatory part of Windows Vista and later versions. It is not recommend that IPv6 or its components are disabled, or some Windows components may not function. The registry key I had you export is associated with this protocol. By running the following .reg file, we will fix the issue with your Microsoft Teredo Tunneling Adapter.
 

What does this help you with?
It would be interesting to know what the combination of these letters and numbers mean.   :)

System File Checker (SFC) is a utility in Windows that allows users to scan for corruptions in Windows system files and restore corrupted files. SFC verifies files in groups of 100. Each group begins with an [SR] tag; which is why I searched for this string in your SFC log. 
 
Your Event Error Logs show the Windows Search Service Content Index Catalog is corrupt. This is why I had you run SFC. 

 
 
STEP 1
zrguS2W.png Tweaking Registry Backup

  • Please download Tweaking.com Registry Backup and save the file to your desktop.
  • Double-click on the file and follow the prompts. 
  • Once installed, double-click on the Tweaking.com Registry Backup icon. 
  • The tool should automatically open to the Backup Registry tab. If not, click the Backup Registry tab.
  • Press Backup Now.
  • Once complete, the tool will tell you that Successful */* Files Backed Up.
  • You have now successfully backed up your Registry.
     

STEP 2
GIRjHjL.png Reg Fix 

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document. 
    Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS]
"DisabledComponents"=dword:00000000
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file regfix.reg.
  • Select All Files as the Save as type.
  • Save the file to your desktop
  • Locate regfix.reg on your desktop. Right-click the file and click Merge with the Registry
  • Accept any prompts. 
  • Reboot your computer for the changes to take effect.
     

STEP 3
rzqZvBe.png MiniToolBox

  • Please download MiniToolBox and save the file to your desktop.
  • Close any Mozilla Firefox windows.
  • Right-Click MiniToolBox.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Check the following items:
    • njvAG80.png
    • 6N6QY9z.png
    • VAFn5gg.png
    • kLju9nY.png
    • chxHkm0.png
    • 6KiAnDw.png
    • rO2mCup.png & Ii0HSu5.png
    • vz7b54X.png
  • Click 9Z8u2SR.png.
  • A log (Result.txt) will be created on your desktop. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the reg fix merge successfully?
  • Result.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

#15 HelpAppreciated

HelpAppreciated

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 25 May 2014 - 09:30 PM

Hello,

 

The reg fix did seem to merge successfully as I did not get any error messages regarding it. 

 

Thank you for explaining those things in your last post. :D I was wondering what Microsoft Teredo Tunneling Adapter actually does. I'm fairly sure I've been having issues with it for quite some time.

 

Here is the contents of Result.txt:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Bozkurt (administrator) on 25-05-2014 at 23:25:28
Running from "C:\Users\Bozkurt\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: 127.0.0.1:5060
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= IP Configuration: ================================
 
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection 2 (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Toshiba-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-D2-AB-F8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 1C-65-9D-D2-AB-F8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::692d:a67e:7aca:60fd%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.110(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : May-25-14 11:22:32 PM
   Lease Expires . . . . . . . . . . : May-26-14 11:22:32 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 337405341
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-14-AA-80-00-26-6C-9D-D8-DC
   DNS Servers . . . . . . . . . . . : 216.8.137.203
                                       216.8.137.204
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : 00-26-6C-9D-D8-DC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{5544DF6E-5C90-40AF-BC7E-54C74F13DEBA}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{8F59F557-F55B-4434-890A-0809C47D18F7}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:346f:3da0:27f7:7ca8(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::346f:3da0:27f7:7ca8%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{8F8BC50A-DB51-43BF-AC2B-895F206C328E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  216.8.137.203
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging google.com [74.125.226.142] with 32 bytes of data:
Reply from 74.125.226.142: bytes=32 time=20ms TTL=58
Reply from 74.125.226.142: bytes=32 time=20ms TTL=58
 
Ping statistics for 74.125.226.142:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 20ms, Average = 20ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  216.8.137.203
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=38ms TTL=53
Reply from 98.139.183.24: bytes=32 time=41ms TTL=53
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 38ms, Maximum = 41ms, Average = 39ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...1c 65 9d d2 ab f8 ......Microsoft Virtual WiFi Miniport Adapter
 12...1c 65 9d d2 ab f8 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
 10...00 26 6c 9d d8 dc ......Atheros AR8152 PCI-E Fast Ethernet Controller
  1...........................Software Loopback Interface 1
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 13...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.110     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.110    281
    192.168.1.110  255.255.255.255         On-link     192.168.1.110    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.110    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.110    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.110    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6abd:346f:3da0:27f7:7ca8/128
                                    On-link
 12    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::346f:3da0:27f7:7ca8/128
                                    On-link
 12    281 fe80::692d:a67e:7aca:60fd/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (05/24/2014 10:56:39 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:39 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/24/2014 10:56:38 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:38 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:38 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (05/24/2014 10:56:38 AM) (Source: ESENT) (User: )
Description: Windows (2664) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0004D.log.
 
 
System errors:
=============
Error: (05/24/2014 10:56:40 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/24/2014 10:56:40 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (05/23/2014 04:11:35 PM) (Source: Service Control Manager) (User: )
Description: The Hotspot Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/23/2014 03:58:27 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/23/2014 03:58:27 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (05/22/2014 08:16:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
 
Error: (05/21/2014 05:16:56 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (05/20/2014 04:03:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/20/2014 04:03:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (05/18/2014 00:00:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/24/2014 10:56:40 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (05/24/2014 10:56:39 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (05/24/2014 10:56:39 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/24/2014 10:56:38 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (05/24/2014 10:56:38 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700
 
Error: (05/24/2014 10:56:38 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (05/24/2014 10:56:38 AM) (Source: ESENT)(User: )
Description: Windows2664Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0004D.log-1811
 
 
========================= Devices: ================================
 
========================= Restore Points ==================================
 
27-04-2014 20:02:09 Scheduled Checkpoint
02-05-2014 14:22:59 Windows Update
06-05-2014 04:52:48 Windows Update
14-05-2014 04:13:30 Windows Update
 
**** End of log ****

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: proxy

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·