Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mozilla freezed, PC dead slow and freezed, ESET can not clean it


  • Please log in to reply
39 replies to this topic

#1 alexnyc

alexnyc

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 10 February 2013 - 06:33 PM

The following are 2 logs from ESET:

 

2/9/2013 10:42:40 AM    Real-time file system protection    file    C:\Users\Neo\Downloads\cbsidlm-cbsi5_3_0_93-PhotoScape-ORG-10703122.exe    a variant of Win32/CNETInstaller.A potentially unwanted application    unable to clean    NT AUTHORITY\SYSTEM    Event occurred during an attempt to run the file by the application: C:\Windows\System32\svchost.exe.

 

2/10/2013 11:50:08 AM    Operating memory;C:\Boot sector;D:\Boot sector;F:\Boot sector;C:\;D:\;F:\    330452    1    0    Completed
2/9/2013 2:16:50 PM    G:\    616    0    0    Completed
2/8/2013 9:48:58 AM    Operating memory;Boot sector;C:\Boot sector;C:\    130468    1    0    Completed
2/7/2013 9:40:55 PM    D:\Data\Microsoft Office Xp Pro (Word, Excel, Powerpoint, Outlook, Access, Frontpage, Publisher 2003).zip    52124    0    0    Completed
2/7/2013 5:21:19 PM    Operating memory;C:\Boot sector;D:\Boot sector;F:\Boot sector;C:\;D:\;F:\    417315    1    0    Completed
2/7/2013 5:13:39 PM    F:\    84900    0    0    Completed
2/6/2013 10:17:58 PM    D:\    114618    0    0    Completed
2/6/2013 12:55:30 PM    C:\Users\Neo\Downloads\RevoUninProSetup.exe    2    0    0    Completed
2/6/2013 12:44:38 PM    Operating memory;Boot sector;C:\Boot sector;C:\    126677    1    0    Completed
2/6/2013 12:43:59 PM    Operating memory;C:\Boot sector;D:\Boot sector;F:\Boot sector;C:\;D:\;F:\    469    0    0    Interrupted by user
2/6/2013 12:38:18 PM    Operating memory;Boot sector;C:\Boot sector;C:\    128548    2    0    Completed
2/6/2013 12:07:17 PM    C:\Users\Neo\Downloads\OTL.exe    2    0    0    Completed
2/6/2013 11:20:31 AM    C:\Users\Neo\Downloads\wpsetup.exe    2    0    0    Completed
2/6/2013 10:26:15 AM    Operating memory;C:\Boot sector;D:\Boot sector;C:\;D:\    454491    2    0    Completed
2/6/2013 8:48:03 AM    Operating memory;Boot sector;C:\Boot sector;C:\;D:\Boot sector;D:\;E:\Boot sector;E:\;F:\Boot sector;F:\    0    0    0    Scanning in progress
2/6/2013 8:24:46 AM    Operating memory;Boot sector;C:\Boot sector;C:\;D:\Boot sector;D:\;F:\Boot sector;F:\    0    0    0    Scanning in progress
2/6/2013 2:52:57 AM    C:\Users\Neo\Downloads\dotNetFx40_Full_setup.exe    2    0    0    Completed
2/6/2013 2:47:49 AM    C:\Users\Neo\Downloads\cbsidlm-tr1_10a-Jing-ORG-10744274.exe    79    1    0    Completed
2/6/2013 2:47:10 AM    C:\Users\Neo\Downloads\cbsidlm-tr1_10a-Jing-ORG-10744274.exe    79    1    0    Completed
2/5/2013 11:45:00 AM    C:\Users\Neo\Downloads\install_reader11_en_mssd_aih.exe    115    0    0    Completed
2/4/2013 10:38:47 AM    F:\    0    0    0    Scanning in progress
2/3/2013 8:12:53 PM    F:\    84956    0    0    Completed
2/3/2013 10:31:13 AM    Operating memory;Boot sector;C:\Boot sector;C:\;D:\Boot sector;D:\;E:\Boot sector;E:\;F:\Boot sector;F:\    357696    0    0    Completed
2/2/2013 4:41:54 PM    C:\Users\Neo\Downloads\VuzeInstaller.exe    2    0    0    Completed
2/2/2013 4:04:32 PM    C:\Users\Neo\Downloads\SkypeSetupFull.exe    2    0    0    Completed
2/2/2013 1:26:33 AM    C:\Users\Neo\Desktop\avgrep.txt    1    0    0    Completed
2/1/2013 9:52:18 PM    G:\    78589    0    0    Completed
2/1/2013 4:35:01 PM    F:\    84952    0    0    Completed
2/1/2013 10:02:32 AM    Operating memory;C:\Boot sector;D:\Boot sector;C:\;D:\    339474    0    0    Completed
2/1/2013 9:37:31 AM    Operating memory;C:\Boot sector;D:\Boot sector;C:\;D:\    0    0    0    Scanning in progress
1/31/2013 2:25:12 PM    C:\Users\Neo\Downloads\install_flash_player.exe    2    0    0    Completed
1/31/2013 8:28:11 AM    Operating memory;Boot sector;C:\Boot sector;C:\;D:\Boot sector;D:\;E:\Boot sector;E:\;F:\Boot sector;F:\    288465    0    0    Completed
1/30/2013 8:17:53 PM    F:\    84949    0    0    Completed
1/30/2013 4:29:46 PM    Operating memory;C:\Boot sector;D:\Boot sector;F:\Boot sector;C:\;D:\;F:\    271089    0    0    Completed
1/30/2013 4:19:25 PM    C:\Users\Neo\Downloads\ccsetup327.exe    2    0    0    Completed
1/30/2013 4:16:09 PM    C:\Users\Neo\Downloads\vlc-2.0.5-win32.exe    713    0    0    Completed
1/30/2013 4:02:53 PM    F:\    85286    0    0    Completed
1/30/2013 4:01:57 PM    E:\    0    0    0    Completed
1/30/2013 4:01:48 PM    E:\    0    0    0    Completed
1/30/2013 3:59:35 PM    D:\    33188    0    0    Completed
1/30/2013 3:50:05 PM    F:\    85356    3    3    Completed

 

Simptoms:

1) Mozilla will freeze, and later go to an stoll. PC will freeze and will have to reboot.

2) Black screen at restart point, long wait, it does start with no error/virus message (yet).

3) ESET found CNET Installer and it is unable to clean it.

4) FYI: I recently had to reinstall Windows 7 after VIRUT infection. I am afraid that traces of virus or new viruses could be at the core of my PC (I am not a pro but something is definitely wrong).

5) I had to restart 5 times my PC in order to be able to make it work at decent speed. Sometimes the longer that I stay logged in while using Mozilla the slower it gets, and then freezes.

 

 

I would really appreciate if you could tell me what to do next.

I ran Malwarebytes, ESET, AVG.

I ran Revo Uninstaller Pro hoping to get rid off bad data but to my surprise the problems first found by ESET scan were not eliminited after long clean up done with Revo.

Have you used Revo in the past? Is it worth keeping it on my PC?

Sincerely,

Alex.

 

*moderator edit: moved from Windows 7 to the appropriate forum. ~ Queen-Evie*
 


Edited by alexnyc, 10 February 2013 - 06:56 PM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 11 February 2013 - 12:34 PM

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
Reset Ie proxy Settins
Reset FF proxy settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result. 

Download Adware Cleaner run it Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe


Download Emsisoft Emergency Kit and save it to your desktop. Right-click on EmsisoftEmergencyKit.zip and select Extract All.... Leave all settings as they are and click Extract. You will now have a folder named EmsisoftEmergencyKit on your desktop.

Open the EmsisoftEmergencyKit
http://www.emsisoft.com/en/software/eek/download/
folder and double-click Start.exe.
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply.



#3 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 04:29 PM

MINITOOLBOX log:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Neo (administrator) on 11-02-2013 at 16:26:57
Running from "C:\Users\Neo\Downloads"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Neo-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : earthlink.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : earthlink.net
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 90-2B-34-26-59-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5c47:90c1:fd2c:61fe%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, February 11, 2013 3:20:24 PM
   Lease Expires . . . . . . . . . . : Tuesday, February 12, 2013 3:20:24 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244329268
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-9B-1C-36-90-2B-34-26-59-A3
   DNS Servers . . . . . . . . . . . : 8.26.56.26
                                       156.154.70.22
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.earthlink.net:

   Connection-specific DNS Suffix  . : earthlink.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.101%11(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 8.26.56.26
                                       156.154.70.22
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:342d:340e:2f87:d0a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::342d:340e:2f87:d0a%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  ns1.recursive.dns.com
Address:  8.26.56.26

Name:    google.com.earthlink.net
Addresses:  fe80:1::225:90ff:fe19:4b12
      92.242.144.50


Pinging google.com [173.194.69.113] with 32 bytes of data:
Request timed out.
Reply from 173.194.69.113: bytes=32 time=162ms TTL=37

Ping statistics for 173.194.69.113:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 162ms, Maximum = 162ms, Average = 162ms
Server:  ns1.recursive.dns.com
Address:  8.26.56.26

Name:    yahoo.com.earthlink.net
Addresses:  fe80:1::225:90ff:fe19:4b12
      92.242.144.50


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Request timed out.
Reply from 206.190.36.45: bytes=32 time=154ms TTL=48

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 154ms, Maximum = 154ms, Average = 154ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...90 2b 34 26 59 a3 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link     192.168.1.101    296
  169.254.255.255  255.255.255.255         On-link     192.168.1.101    276
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    276
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fd:342d:340e:2f87:d0a/128
                                    On-link
 10    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 11    281 fe80::5efe:192.168.1.101/128
                                    On-link
 13    306 fe80::342d:340e:2f87:d0a/128
                                    On-link
 10    276 fe80::5c47:90c1:fd2c:61fe/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:46 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/11/2013 03:20:46 PM) (Source: ESENT) (User: )
Description: Windows (4824) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00008.log.


System errors:
=============
Error: (02/11/2013 03:20:49 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/11/2013 03:20:49 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (02/11/2013 03:20:27 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/11/2013 03:20:25 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/11/2013 03:19:04 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/11/2013 10:44:59 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/11/2013 10:44:57 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/11/2013 10:44:56 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:43:50 AM on ?2/?11/?2013 was unexpected.

Error: (02/11/2013 10:30:21 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (02/11/2013 10:23:01 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/11/2013 03:20:48 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (02/11/2013 03:20:47 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (02/11/2013 03:20:46 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/11/2013 03:20:46 PM) (Source: ESENT)(User: )
Description: Windows4824Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00008.log-1811


=========================== Installed Programs ============================

@BIOS (Version: 2.20)
32 Bit HP CIO Components Installer (Version: 6.1.2)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.1.116)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.4.4)
AutoGreen B10.1021.1 (Version: 1.00.0000)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2890)
AVG 2013 (Version: 2013.0.2890)
Bonjour (Version: 1.0.106)
BufferChm (Version: 140.0.212.000)
CameraHelperMsi (Version: 13.50.854.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Full Existing (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Full New (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Light (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Previews Common (Version: 2010.0406.2133.36843)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0406.2133.36843)
Catalyst Control Center HydraVision Full (Version: 2010.0406.2133.36843)
ccc-core-static (Version: 2010.0406.2133.36843)
ccc-utility (Version: 2010.0406.2133.36843)
CCC Help English (Version: 2010.0406.2132.36843)
CCleaner (Version: 3.27)
Comodo Dragon (Version: 24.2.0.0)
COMODO Internet Security (Version: 5.12.59641.2599)
Coupon Printer for Windows (Version: 5.0.0.0)
D1600 (Version: 140.0.690.000)
DeviceDiscovery (Version: 140.0.212.000)
DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000)
Easy Tune 6 B11.1124.1 (Version: 1.00.0000)
erLT (Version: 1.20.138.34)
ESET NOD32 Antivirus (Version: 6.0.308.0)
GeekBuddy (Version: 4.4.47)
GPBaseService2 (Version: 140.0.211.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
ON_OFF Charge B11.1102.1 (Version: 1.00.0001)
PhotoScape
QuickTime (Version: 7.65.17.80)
Realtek High Definition Audio Driver (Version: 6.0.1.6482)
Revo Uninstaller Pro 2.5.9 (Version: 2.5.9)
Shop for HP Supplies (Version: 14.0)
Skype™ 6.1 (Version: 6.1.129)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Splashtop Connect for Firefox (Version: 1.1.8.4)
Splashtop Connect IE (Version: 1.1.13.1)
SplitCam (Version: 5.4.6.0)
Status (Version: 140.0.212.000)
The Lord of the Rings FREE Trial  (Version: 1.00.0000)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 2.0.5 (Version: 2.0.5)
Vuze (Version: 4.8.1.2)
WebReg (Version: 140.0.212.017)
WinPatrol (Version: 26.1.2013.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 2813.55 MB
Available physical RAM: 1633.7 MB
Total Pagefile: 5625.4 MB
Available Pagefile: 3879.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.73 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.51 GB) (Free:869.2 GB) NTFS
2 Drive d: () (Fixed) (Total:465.76 GB) (Free:135.96 GB) NTFS
4 Drive f: (ADATA HD710) (Fixed) (Total:931.51 GB) (Free:610.42 GB) NTFS

========================= Users: ========================================

User accounts for \\NEO-PC

Administrator            Guest                    Neo                      


**** End of log ****
 



#4 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 04:43 PM

ADWCleaner failed to produce a log at the first intent but on a second one (I was asked to restart my PC), I got the following log:

 

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 16:39:30
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Neo - NEO-PC
# Boot Mode : Normal
# Running from : C:\Users\Neo\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\iufd6fk7.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [663 octets] - [11/02/2013 16:39:30]

########## EOF - C:\AdwCleaner[S1].txt - [722 octets] ##########
 


Edited by alexnyc, 11 February 2013 - 04:43 PM.


#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 11 February 2013 - 04:46 PM

You have three antivirus app un-install two of them you only need one AV I only suggest that AVG is one of the items you remove.

 

COMODO Internet Security (Version: 5.12.59641.2599)

AVG 2013 (Version: 2013.0.2890)

ESET NOD32 Antivirus (Version: 6.0.308.0)



#6 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 04:53 PM

junkware removal tool log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Professional x86
Ran by Neo on Mon 02/11/2013 at 16:46:32.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"



~~~ FireFox

Emptied folder: C:\Users\Neo\AppData\Roaming\mozilla\firefox\profiles\iufd6fk7.default\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/11/2013 at 16:47:47.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 11 February 2013 - 04:58 PM

Did you see my last post?



#8 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 05:07 PM

EmsisoftEmergencyKit website is not working propertly sense the Firefox download screen displayed a few seconds remaining while 229 of 230Mb are download for the past 5 minutes.

Should I keep waiting?



Yes, I saw your last post.

ESET is only a trial version for 1 month. I have 20 days left.

I will erase AVG.



#9 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 05:11 PM

C:\Users\Neo\Downloads\EmsisoftEmergencyKit.zip could not be saved, because the source file could not be read.

Try again later, or contact the server administrator.

 

 

--------------------------------------------------------------------

 

I erased AVG from my PC.


Edited by alexnyc, 11 February 2013 - 05:14 PM.


#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 11 February 2013 - 05:13 PM

You need to remove Eset as well because you also have comodo it is never a good idea to have more than one AV on your machine.

Also the Emisoft site is fine here try with IE



#11 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 05:27 PM

Firefox downloaded the complete file (after 3 unsuccessful trials) and now I am scanning my PC.



#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 11 February 2013 - 05:34 PM

Ok did you remove all but one aV?



#13 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 05:40 PM

ESET and Comodo are still running but I unable ESET for 1 hour (the reason why I want to keep it for now (only 20 days left) it is because it has proven very successful at protection and erasing threats). I am not comfortable about keeping Comodo running as my only source of protection.



#14 alexnyc

alexnyc
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 11 February 2013 - 05:42 PM

By the way, I just noticed that I do not have Comodo Antivirus but Comodo Firewall running.



#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 11 February 2013 - 05:45 PM

By the way, I just noticed that I do not have Comodo Antivirus but Comodo Firewall running.

 

 

The mtb log says different.............

 

COMODO Internet Security (Version: 5.12.59641.2599)

 

remove the item above when eset run's out of trial mode install Avast or Avira. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users